CVE-2022-50655Missing Initialization of Resource in Linux

CWE-909Missing Initialization of Resource6 documents5 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 85.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the following: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000180)=[{0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000140)='\x00!', 0x2}], 0x1, 0x0, 0x0) [ 9

Affected Packages4 packages

Linuxlinux/linux_kernel4.20.05.4.229+4
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linuxd58e468b1112dcd1d5193c0a89ff9f98b5a3e8b97da524781c531ebaf2f94c9dc4c541b82edecfed+6
debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-wcm6-h78p-r673: In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warnin2025-12-09
OSV
CVE-2022-50655: In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning2025-12-09
OSV
ppp: associate skb with a device at tx2025-12-09

📋Vendor Advisories

2
Red Hat
kernel: ppp: associate skb with a device at tx2025-12-09
Debian
CVE-2022-50655: linux - In the Linux kernel, the following vulnerability has been resolved: ppp: associ...2022