CVE-2022-50569 — Linux vulnerability

6 documents5 sources

Severity

5.5MEDIUM

No vector

EPSS

0.1%

top 80.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedOct 22

Description

In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcomp_scratches with NULL when freed Currently if ipcomp_alloc_scratches() fails to allocate memory ipcomp_scratches holds obsolete address. So when we try to free the percpu scratches using ipcomp_free_scratches() it tries to vfree non existent vm area. Described below: static void * __percpu *ipcomp_alloc_scratches(void) { ... scratches = alloc_percpu(void *); if (!scratches) return NULL; ipcomp_scratches does…

Affected Packages4 packages

▶Linuxlinux/linux_kernel2.6.12 — 4.9.331+7

▶Debianlinux/linux_kernel< 5.10.158-1+3

▶CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 — debca61df6bc2f65e020656c9c5b878d6b38d30f+9

▶debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2022-50569: In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcomp_scratches with NULL when freed Currently if ipcomp_alloc_scrat↗2025-10-22

▶

GHSA

GHSA-h9qx-33jg-gh24: In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcomp_scratches with NULL when freed Currently if ipcomp_alloc_scr↗2025-10-22

▶

OSV

xfrm: Update ipcomp_scratches with NULL when freed↗2025-10-22

▶

📋Vendor Advisories

Red Hat

kernel: xfrm: Update ipcomp_scratches with NULL when freed↗2025-10-22

▶

Debian

CVE-2022-50569: linux - In the Linux kernel, the following vulnerability has been resolved: xfrm: Updat...↗2022

▶