CVE-2022-50004

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0+

Description A null pointer dereference issue has been identified in the Linux kernel, specifically in the xfrm interface. This issue occurs when transmitting an skb with metadata dst attached, resulting in a null pointer dereference in the xfrmi xmit2() function. The problem arises from the unconditional dereference of dst->dev when there is no policy. To fix this, a check for a null dst orig->dev has been added.

Recommendations For Linux kernel versions prior to 5.19.0+, update to version 5.19.0 or later to resolve the issue. As a temporary workaround, consider disabling the xfrmi xmit2() function until a patch is available. Restrict access to the xfrm interface to minimize the risk of exploitation. Avoid using the dst->dev variable in the affected API endpoint until the issue is resolved.