CVE-2022-50452

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to the cake queuing discipline (qdisc). Specifically, a null pointer dereference can occur when the cake init() function fails during the initialization of a default qdisc. This happens when the tins pointer becomes NULL, leading to a general protection fault during the cake dequeue one() function call within cake reset(). The issue arises during the process of qdisc create dflt(), cake init(), and subsequent resource clearing in cake reset(). The call trace indicates the problem originates from accessing a null pointer within the cake dequeue one() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2026-06089

CESA-2023_7077

CVE-2022-50452

RHSA-2023:2458

RHSA-2023:7077

RHSA-2023_2458

RHSA-2023_7077

SUSE-SU-2025:03615-1

SUSE-SU-2025:3761-1

Affected Products

Centos

Linux Kernel

Red Hat

Suse

CVE-2022-50452

Weakness Enumeration

Related Identifiers

Affected Products

References · 836