PT-2025-53935 · Linux+1 · Linux Kernel+1

Published: 2022-10-18 · Updated: 2026-01-01 · CVE-2022-50817

CVSS v2.0: 4.9 (Medium)

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.0.0-syzkaller-02734-g0326074ff465

Description

The Linux kernel contained a flaw within the networking component, specifically in the hsr (High Speed Resilient) functionality. A null dereference issue was identified in the skb_clone() function, triggered by a bug in hsr_get_untagged_frame(). If create_stripped_skb_hsr() returns NULL, the code incorrectly attempts to call skb_clone(), leading to a general protection fault. This issue was discovered through fuzzing with syzbot. The skb_clone() function is responsible for creating a copy of a socket buffer (sk_buff), and a null pointer dereference in this function can lead to system instability or a crash. The hsr_get_untagged_frame() function is involved in processing frames within the HSR forwarding process.

Recommendations

Update to version 6.0.0-syzkaller-02734-g0326074ff465 or a later version to address this issue.
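
A simplified user-space model of the pattern in the description, showing the unchecked call beside a checked one. It is an added example, not the kernel source or the upstream patch: `struct buf`, `struct frame_info`, `TAG_LEN`, `simulate_alloc_failure` and the `buf_clone()`, `create_stripped()` and `get_untagged_*()` functions are hypothetical stand-ins for `sk_buff`, `skb_clone()`, `create_stripped_skb_hsr()` and `hsr_get_untagged_frame()`.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* User-space stand-ins, not the kernel's struct sk_buff or HSR frame types. */
#define TAG_LEN 6                      /* constructed tag size for the model */
struct buf { size_t len; unsigned char data[64]; };
struct frame_info { struct buf *skb_hsr; struct buf *skb_std; };

int simulate_alloc_failure;            /* test knob: force the copy to fail */

/* Models skb_clone(): reads through its argument without checking it. */
struct buf *buf_clone(const struct buf *b) {
    struct buf *c = malloc(sizeof(*c));
    if (c)
        memcpy(c, b, sizeof(*c));      /* faults when b == NULL */
    return c;
}

/* Models create_stripped_skb_hsr(): returns NULL when the copy fails. */
struct buf *create_stripped(const struct buf *tagged) {
    struct buf *s;
    if (simulate_alloc_failure || tagged->len < TAG_LEN)
        return NULL;
    s = calloc(1, sizeof(*s));
    if (!s)
        return NULL;
    s->len = tagged->len - TAG_LEN;
    memcpy(s->data, tagged->data + TAG_LEN, s->len);
    return s;
}

/* Pattern from the description: the result is passed on unchecked. */
struct buf *get_untagged_unchecked(struct frame_info *f) {
    if (!f->skb_std)
        f->skb_std = create_stripped(f->skb_hsr);
    return buf_clone(f->skb_std);      /* NULL dereference on failure */
}

/* Checked form: a failed strip is reported to the caller as NULL. */
struct buf *get_untagged_checked(struct frame_info *f) {
    if (!f->skb_std) {
        f->skb_std = create_stripped(f->skb_hsr);
        if (!f->skb_std)
            return NULL;               /* caller must handle NULL */
    }
    return buf_clone(f->skb_std);
}
```

The checked form only moves the failure to the caller, so every call site has to test the returned pointer before using it.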

Weakness Enumeration

NULL Pointer Dereference

Related Identifiers

BDU:2026-02412
CVE-2022-50817
RHSA-2023:6583

Affected Products

Linux Kernel
Red Hat