CVE-2022-50265: Linux vulnerability

5 documents, 5 sources
Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 95.77%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 15

Description

In the Linux kernel, the following vulnerability has been resolved:

kcm: annotate data-races around kcm->rx_wait

kcm->rx_psock can be read locklessly in kcm_rfree(). Annotate the read and writes accordingly.

syzbot reported:

BUG: KCSAN: data-race in kcm_rcv_strparser / kcm_rfree

write to 0xffff88810784e3d0 of 1 bytes by task 1823 on cpu 1:
reserve_rx_kcm net/kcm/kcmsock.c:283 [inline]
kcm_rcv_strparser+0x250/0x3a0 net/kcm/kcmsock.c:363
__strp_recv+0x64c/0xd20 net/strparser/strparser.c:301
s

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD: linux/linux_kernel, 4.6, 4.9.332, +7
Debian: linux/linux_kernel, < 5.10.158-1, +3
CVEListV5: linux/linux, ab7ac4eb9832e32a09f4e8042705484d2fb0aad3, dbc3a0b917c4f75292b1c0819c188e40fd3c8924, +8
debian: debian/linux, < linux 6.0.7-1 (bookworm)

Patches

🔴 Vulnerability Details (2)

OSV (2025-09-15)
CVE-2022-50265: In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm->rx_wait kcm->rx_psock can be read locklessly
GHSA (2025-09-15)
GHSA-7m24-gr82-qg53: In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm->rx_wait kcm->rx_psock can be read locklessl

📋 Vendor Advisories (2)

Red Hat (2025-09-15)
kernel: kcm: annotate data-races around kcm->rx_wait
Debian (2022)
CVE-2022-50265: linux - In the Linux kernel, the following vulnerability has been resolved: kcm: annota...