PT-2025-8308 · Linux+3 · Linux Kernel+3

Syzbot

Published

2022-11-08

Updated

2025-09-29

CVE-2022-49374

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability has been resolved in the Linux kernel related to the TIPC (Transparent Inter-Process Communication) protocol. The issue involves an uninitialized value in the string nocheck function, which is part of the vsprintf library. This can lead to incorrect printing of messages. The vulnerability was reported by syzbot and is related to the tipc enable bearer function in the net/tipc/bearer.c file. The estimated number of potentially affected devices worldwide is not available.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

ALSA-2025_16880

CESA-2022_7683

CVE-2022-49374

OESA-2025-1408

RHSA-2022:7683

RHSA-2022:8267

RHSA-2022_7683

RHSA-2022_8267

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

PT-2025-8308 · Linux+3 · Linux Kernel+3

CVE-2022-49374

Weakness Enumeration

Related Identifiers

Affected Products

References · 46