CVE-2022-50783

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s Multipath TCP (MPTCP) implementation. Previously, the destructor used for TCP request sockets was only from IPv4, even when the subflow was IPv6. This could lead to memory leaks when using advanced IPv6 features, specifically when request sockets contain certain IPv6 options. Proper use of the correct destructor is essential to avoid these memory leaks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.