CVE-2022-50706

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue where a zero-sized raw send message request for PF IEEE802154 sockets could trigger a warning in the dev queue xmit() function. This occurred because the system attempted to call dev queue xmit() with a socket buffer (skb) length of zero. The fix prevents calling dev queue xmit() if the packet length is zero. The issue was identified by syzbot during testing. The code example provided demonstrates the vulnerability by creating a PF IEEE802154 socket and sending a message with an empty iovec. The fix may be related to a previous commit that restricted packet lengths.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.