PT-2025-40130 · Linux+1 · Linux Kernel+1

Published: 2025-10-01 · Updated: 2026-03-14 · CVE-2022-50445

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions 6.0.0-rc6+ through 6.0.0-rc6+

Description

The Linux kernel contains a flaw in the handling of transport-mode packets within the xfrm framework. Specifically, the issue involves the potential for reinjection of these packets through a workqueue. This can lead to a soft lockup, as demonstrated by the watchdog bug observed during testing with the tcp6-multi-diffip11 stress test case of the LTP test suite. The issue is associated with the xfrm_output_one, xfrm_output_resume, xfrm_output, xfrm6_output, xfrm6_output, ip6_xmit, inet6_csk_xmit, tcp_transmit_skb, tcp_write_xmit, tcp_push_pending_frames, tcp_rcv_established, tcp_v6_do_rcv, tcp_v6_rcv, ip6_protocol_deliver_rcu, ip6_input_finish, ip6_input, ip6_rcv_finish, and xfrm_trans_reinject functions. Analysis of softirq statistics reveals high activity in the tasklet, net_rx, timer, block, and sched softirqs.

Recommendations

Versions prior to 6.0.0-rc6+ should be used.

Exploit

Fix

Weakness Enumeration

Special Elements Injection

Related Identifiers

BDU:2026-05860
CVE-2022-50445
RHSA-2023:2458

Affected Products

Debian
Linux Kernel