PT-2025-38425 · Linux+5 · Linux Kernel+5
Published: 2022-09-07 · Updated: 2025-12-11
CVE-2022-50408
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A use-after-free vulnerability exists in the brcmfmac module within the Linux kernel, specifically within the brcmf_netdev_start_xmit() function. This issue occurs when a data structure is scheduled for completion but is then accessed before the completion occurs, leading to a potential crash or unpredictable behavior. The vulnerability is triggered during the transmission of packets and involves the handling of skbuffs (socket buffers). The bug was identified through KASAN (Kernel Address Sanitizer) and involves a read of memory after it has been freed.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
CentOS
Linux Kernel
Red Hat
SUSE
Brcmfmac