CVE-2022-50877 — Linux vulnerability

7 documents6 sources

Severity

5.3MEDIUM

No vector

EPSS

0.0%

top 93.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: net: broadcom: bcm4908_enet: update TX stats after actual transmission Queueing packets doesn't guarantee their transmission. Update TX stats after hardware confirms consuming submitted data. This also fixes a possible race and NULL dereference. bcm4908_enet_start_xmit() could try to access skb after freeing it in the bcm4908_enet_poll_tx().

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.12.0 — 5.15.77+1

▶Debianlinux/linux_kernel< 6.0.7-1+2

▶CVEListV5linux/linux4feffeadbcb2e5b11cbbf191a33c245b74a5837b — c9589e18a60c55c76772a38117ef9a16b942e56b+3

▶debiandebian/linux< linux 6.0.7-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-pqjx-v84v-r7r4: In the Linux kernel, the following vulnerability has been resolved: net: broadcom: bcm4908_enet: update TX stats after actual transmission Queueing↗2025-12-30

▶

OSV

CVE-2022-50877: In the Linux kernel, the following vulnerability has been resolved: net: broadcom: bcm4908_enet: update TX stats after actual transmission Queueing pa↗2025-12-30

▶

OSV

net: broadcom: bcm4908_enet: update TX stats after actual transmission↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: net: broadcom: bcm4908_enet: update TX stats after actual transmission↗2025-12-30

▶

Debian

CVE-2022-50877: linux - In the Linux kernel, the following vulnerability has been resolved: net: broadc...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50877 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶