PT-2025-25927 · Linux+3 · Linux Kernel+3

Published

2022-08-23

Updated

2025-11-14

CVE-2022-50001

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue concerns the Linux kernel's netfilter, specifically the nft tproxy component. TPROXY is only allowed from the prerouting hook, but nft tproxy does not enforce this restriction. This oversight can lead to a crash, characterized by a null dereference, when tproxy is used from other hooks, such as the output hook.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2026-02573

CESA-2023_2951

CVE-2022-50001

RHSA-2022:8267

RHSA-2022_8267

RHSA-2023:2951

RHSA-2023_2951

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

PT-2025-25927 · Linux+3 · Linux Kernel+3

CVE-2022-50001

Weakness Enumeration

Related Identifiers

Affected Products

References · 25