CVE-2022-50259 — Race Condition in Linux

CWE-362 — Race Condition CWE-911 — Improper Update of Reference Count5 documents5 sources

Severity

4.7MEDIUMNVD

EPSS

0.0%

top 97.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedSep 15

Description

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sock_map_free() sock_map_free() calls release_sock(sk) without owning a reference on the socket. This can cause use-after-free as syzbot found [1] Jakub Sitnicki already took care of a similar issue in sock_hash_free() in commit 75e68e5bf2c7 ("bpf, sockhash: Synchronize delete from bucket list on map free") [1] refcount_t: decrement hit 0; leaking memory. WARNING: CPU: 0 PID: 3785 at lib/refcount.c:…

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages4 packages

▶NVDlinux/linux_kernel5.4.14 — 5.4.229+5

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux20ae0cb8983b05136d5293c47fadc99a8ca8ca2d — 4cabc3af4a6f36c222fecb15858c1060e59218e7+6

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

CVE-2022-50259: In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sock_map_free() sock_map_free() calls release_sock(sk) w↗2025-09-15

▶

GHSA

GHSA-jq2f-5728-j337: In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sock_map_free() sock_map_free() calls release_sock(sk)↗2025-09-15

▶

📋Vendor Advisories

Red Hat

kernel: Linux kernel: Denial of Service due to use-after-free in sock_map_free↗2025-09-15

▶

Debian

CVE-2022-50259: linux - In the Linux kernel, the following vulnerability has been resolved: bpf, sockma...↗2022

▶