CVE-2022-50883Improper Validation of Specified Type of Input in Linux

CWE-1287Improper Validation of Specified Type of Input7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent decl_tag from being referenced in func_proto arg Syzkaller managed to hit another decl_tag issue: btf_func_proto_check kernel/bpf/btf.c:4506 [inline] btf_check_all_types kernel/bpf/btf.c:4734 [inline] btf_parse_type_sec+0x1175/0x1980 kernel/bpf/btf.c:4763 btf_parse kernel/bpf/btf.c:5042 [inline] btf_new_fd+0x65a/0xb00 kernel/bpf/btf.c:6709 bpf_btf_load+0x6f/0x90 kernel/bpf/syscall.c:4342 __sys_bpf+0x50a/0x6c0 ker

Affected Packages4 packages

Linuxlinux/linux_kernel5.16.06.0.16+1
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linuxb5ea834dde6b6e7f75e51d5f66dac8cd7c97b5ef3f3d54962a032581996edda8e6bcbf7a30371234+3
debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

3
OSV
bpf: Prevent decl_tag from being referenced in func_proto arg2025-12-30
OSV
CVE-2022-50883: In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent decl_tag from being referenced in func_proto arg Syzkaller managed to2025-12-30
GHSA
GHSA-qw5g-ghj8-55p6: In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent decl_tag from being referenced in func_proto arg Syzkaller managed2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: bpf: Prevent decl_tag from being referenced in func_proto arg2025-12-30
Debian
CVE-2022-50883: linux - In the Linux kernel, the following vulnerability has been resolved: bpf: Preven...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50883 Impact, Exploitability, and Mitigation Steps | Wiz