CVE-2022-50865 — Integer Overflow or Wraparound in Linux

CWE-190 — Integer Overflow or Wraparound7 documents6 sources

Severity

7.5HIGH

No vector

EPSS

0.0%

top 92.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and in tcp_add_backlog(), the variable limit is caculated by adding sk_rcvbuf, sk_sndbuf and 64 * 1024, it may exceed the max value of int and overflow. This patch reduces the limit budget by halving the sndbuf to solve this issue since ACK packets are much smaller than the payload.

Affected Packages4 packages

▶Linuxlinux/linux_kernel4.9.0 — 5.4.278+3

▶Debianlinux/linux_kernel< 5.10.158-1+3

▶CVEListV5linux/linuxc9c3321257e1b95be9b375f811fb250162af8d39 — 9d04b4d0feee12bce6bfe37f30d8e953d3c30368+5

▶debiandebian/linux< linux 6.0.7-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2022-50865: In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbuf↗2025-12-30

▶

GHSA

GHSA-2qmc-x97c-8pmc: In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbu↗2025-12-30

▶

OSV

tcp: fix a signed-integer-overflow bug in tcp_add_backlog()↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()↗2025-12-30

▶

Debian

CVE-2022-50865: linux - In the Linux kernel, the following vulnerability has been resolved: tcp: fix a ...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50865 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶