CVE-2022-50764

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a data race condition within the IPv6/sit module. Specifically, multiple CPUs can concurrently update the dev->stats.tx error variable, leading to potential inconsistencies. This occurs because sit tunnels utilize the NETIF F LLTX flag, meaning their ndo start xmit() function is not protected by a spinlock. The issue affects both the transmit and receive paths. The syzbot/KCSAN tool reported this condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.