CVE-2022-50710 — NULL Pointer Dereference in Linux

CWE-476 — NULL Pointer Dereference7 documents6 sources

Severity

5.8MEDIUM

No vector

EPSS

0.0%

top 92.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: ice: set tx_tstamps when creating new Tx rings via ethtool When the user changes the number of queues via ethtool, the driver allocates new rings. This allocation did not initialize tx_tstamps. This results in the tx_tstamps field being zero (due to kcalloc allocation), and would result in a NULL pointer dereference when attempting a transmit timestamp on the new ring.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.14.0 — 5.15.75+2

▶Debianlinux/linux_kernel< 6.0.3-1+2

▶CVEListV5linux/linuxea9b847cda647b9849b0b9fa0447e876a1ac62e1 — 624f03a027f2b18647cc4f1a7a81920a1e4e0201+4

▶debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-r3vp-q59j-x732: In the Linux kernel, the following vulnerability has been resolved: ice: set tx_tstamps when creating new Tx rings via ethtool When the user changes↗2025-12-24

▶

OSV

CVE-2022-50710: In the Linux kernel, the following vulnerability has been resolved: ice: set tx_tstamps when creating new Tx rings via ethtool When the user changes t↗2025-12-24

▶

OSV

ice: set tx_tstamps when creating new Tx rings via ethtool↗2025-12-24

▶

📋Vendor Advisories

Red Hat

kernel: Linux kernel: Denial of Service in ice driver via uninitialized transmit rings↗2025-12-24

▶

Debian

CVE-2022-50710: linux - In the Linux kernel, the following vulnerability has been resolved: ice: set tx...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50710 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶