PT-2025-25926 · Linux+4 · Linux Kernel+4

Published 2022-08-24 · Updated 2026-03-14 · CVE-2022-50000

CVSS v2.0: 7.7 (High)

Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.12.0

Description

A vulnerability in the Linux kernel has been resolved, related to the netfilter flowtable. The issue occurs when a flow table entry has pending HW stats or HW add work, causing the flow table cleanup to become stuck. This can lead to a use-after-free error. The vulnerability is fixed by flushing the pending work, setting the teardown flag to all flows in the flowtable, and forcing a garbage collector run to queue work to remove the flows from hardware.

Recommendations

For Linux kernel versions prior to 5.12.0, apply the patch that fixes the netfilter flowtable issue by flushing the pending work and forcing a garbage collector run to remove the flows from hardware.

Exploit

Fix

Use After Free


Weakness Enumeration

Related Identifiers

BDU:2026-02572
CESA-2023_0101
CESA-2023_2951
CVE-2022-50000
RHSA-2022:8267
RHSA-2022_8267
RHSA-2023:0101
RHSA-2023:0512
RHSA-2023:2951
RHSA-2023_0101
RHSA-2023_2951
RHSA-2025:15660

Affected Products

Astra Linux
CentOS
Debian
Linux Kernel
Red Hat