PT-2025-8660 · Linux+2 · Linux Kernel+2
Wang Yufen · Published 2022-06-08 · Updated 2025-04-16 · CVE-2022-49727
CVSS v3.1: 5.5 (Medium)
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A signed integer overflow issue has been identified in the Linux kernel, specifically in the IPv6 component, related to the `l2tp_ip6_sendmsg` function. This occurs when the length (`len`) is greater than or equal to `INT_MAX - transhdrlen`, causing an overflow when calculating `ulen = len + transhdrlen`. The issue is resolved by subtracting `transhdrlen` from the maximum value, similar to the approach used in udpv6.
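The bound described above, written as a user-space C sketch (an added example, not the kernel's code). The helper names `checked_ulen` and `checked_ulen_builtin` and the header length of 4 are assumptions made for illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed header length for illustration; the page does not give the real value. */
#define TRANSHDRLEN 4

/*
 * Hypothetical helper: compute ulen = len + transhdrlen as an int.
 * The bound is the maximum reduced by transhdrlen, so the addition is
 * only performed when the sum is known to fit. Returns 0 on success,
 * -EMSGSIZE when len is too large, -EINVAL for a negative header length.
 */
int checked_ulen(size_t len, int transhdrlen, int *ulen)
{
    if (transhdrlen < 0)
        return -EINVAL;
    /* INT_MAX - transhdrlen cannot overflow: 0 <= transhdrlen <= INT_MAX. */
    if (len > (size_t)(INT_MAX - transhdrlen))
        return -EMSGSIZE;
    *ulen = (int)len + transhdrlen;
    return 0;
}

/* Same decision via the GCC/Clang builtin, to cross-check the manual bound. */
int checked_ulen_builtin(size_t len, int transhdrlen, int *ulen)
{
    if (transhdrlen < 0)
        return -EINVAL;
    return __builtin_add_overflow(len, transhdrlen, ulen) ? -EMSGSIZE : 0;
}

int main(void)
{
    /* Constructed boundary lengths around INT_MAX - TRANSHDRLEN. */
    size_t samples[] = { 100, (size_t)INT_MAX - TRANSHDRLEN,
                         (size_t)INT_MAX - TRANSHDRLEN + 1, (size_t)INT_MAX };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int ulen = 0;
        int rc = checked_ulen(samples[i], TRANSHDRLEN, &ulen);
        printf("len=%zu rc=%d ulen=%d\n", samples[i], rc, ulen);
    }
    return 0;
}
```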
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Integer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Suse