CVE-2022-49975

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49975
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49975.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49975
Downstream
Related
Published
2025-06-18T11:00:38.157Z
Modified
2026-04-02T08:28:06.328768Z
Summary
bpf: Don't redirect packets with invalid pkt_len
Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Don't redirect packets with invalid pkt_len

Syzbot found an issue [1]: fqcodeldrop() try to drop a flow whitout any skbs, that is, the flow->head is null. The root cause, as the [2] says, is because that bpfprogtestrunskb() run a bpf prog which redirects empty skbs. So we should determine whether the length of the packet modified by bpf prog or others like bpfprogtest is valid before forwarding it directly.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49975.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5293efe62df81908f2e90c9820c7edcc8e61f5e9
Fixed
8b68e53d56697a59b5c53893b53f508bbdf272a0
Fixed
6204bf78b2a903b96ba43afff6abc0b04d6e0462
Fixed
a75987714bd2d8e59840667a28e15c1fa5c47554
Fixed
72f2dc8993f10262092745a88cb2dd0fef094f23
Fixed
fd1894224407c484f652ad456e1ce423e89bb3eb

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49975.json"