CVE-2022-50816

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc7-syzkaller-18095-gbbed346d5a96

Description The Linux kernel contained a flaw in the IPv6 tunnel implementation. Specifically, the code did not properly sanitize the Maximum Transmission Unit (MTU) value, potentially allowing a layer to set the device MTU to an underflowed value. This could lead to a kernel bug, as demonstrated by a syzbot report and a resulting panic when handling skbuffs (socket buffer structures). The issue was identified in the ip6 gre tunnel (dev:ip6gretap0) and related functions like ip6 tnl link config route(), ip6 tnl link config(), and ipip6 tunnel bind dev().

Recommendations Update to version 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 or a later version to address this issue.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-50816

OESA-2026-1276

RHSA-2023:2458

RHSA-2023:7077

SUSE-SU-2026:0473-1

Affected Products

Centos

Linux Kernel

Red Hat

CVE-2022-50816

Related Identifiers

Affected Products

References · 332