CVE-2022-50356NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 17

Description

In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfb_init() fails When the default qdisc is sfb, if the qdisc of dev_queue fails to be inited during mqprio_init(), sfb_reset() is invoked to clear resources. In this case, the q->qdisc is NULL, and it will cause gpf issue. The process is as follows: qdisc_create_dflt() sfb_init() tcf_block_get() --->failed, q->qdisc is NULL ... qdisc_put() ... sfb_reset() qdisc_reset(q->qdis

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel2.6.395.10.152+3
Debianlinux/linux_kernel< 5.10.158-1+3
CVEListV5linux/linuxe13e02a3c68d899169c78d9a18689bd73491d59aded86c4191a3c17f8200d17a7d8a6f63b74554ae+4
debiandebian/linux< linux 6.0.6-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-j338-p6p6-pp64: In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfb_init() fails When the de2025-09-17
OSV
CVE-2022-50356: In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfb_init() fails When the defa2025-09-17

📋Vendor Advisories

2
Red Hat
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails2025-09-17
Debian
CVE-2022-50356: linux - In the Linux kernel, the following vulnerability has been resolved: net: sched:...2022
CVE-2022-50356 — NULL Pointer Dereference in Linux | cvebase