CVE-2022-50048
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-50048
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50048.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-50048
- Downstream
- Published
- 2025-06-18T11:01:48Z
- Modified
- 2025-10-21T11:54:21.443786Z
- Summary
- netfilter: nf_tables: possible module reference underflow in error path
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: possible module reference underflow in error path
dst->ops is set on when nftexprclone() fails, but module refcount has not been bumped yet, therefore nftexprdestroy() leads to module reference underflow.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8cfd9b0f8515e7c361bba27e2a2684cbd427fe01Fixedb59bee8b05b0e789b5a298cacb09e8aaa3367a29
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8cfd9b0f8515e7c361bba27e2a2684cbd427fe01Fixed1e52e6cfec6342c3d0df47dc3a76724fb3dabf56
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8cfd9b0f8515e7c361bba27e2a2684cbd427fe01Fixedc485c35ff6783ccd12c160fcac6a0e504e83e0bf
Affected versions
v5.*
v5.10
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
v5.19.2
v5.19.3
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c485c35ff6783ccd12c160fcac6a0e504e83e0bf",
"id": "CVE-2022-50048-2805588a",
"deprecated": false,
"target": {
"file": "net/netfilter/nf_tables_api.c"
},
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"327545146706925751354500517532087058596",
"37460846584326298250225682707864016882",
"135887754434591306839622117824220516099",
"318321731668738319083789927703285944439"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b59bee8b05b0e789b5a298cacb09e8aaa3367a29",
"id": "CVE-2022-50048-682cf27c",
"deprecated": false,
"target": {
"file": "net/netfilter/nf_tables_api.c"
},
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"327545146706925751354500517532087058596",
"37460846584326298250225682707864016882",
"135887754434591306839622117824220516099",
"318321731668738319083789927703285944439"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b59bee8b05b0e789b5a298cacb09e8aaa3367a29",
"id": "CVE-2022-50048-7e970f38",
"deprecated": false,
"target": {
"function": "nft_set_elem_expr_clone",
"file": "net/netfilter/nf_tables_api.c"
},
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 526.0,
"function_hash": "107557767933528406330841000494994037593"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1e52e6cfec6342c3d0df47dc3a76724fb3dabf56",
"id": "CVE-2022-50048-9bcd6b0f",
"deprecated": false,
"target": {
"function": "nft_set_elem_expr_clone",
"file": "net/netfilter/nf_tables_api.c"
},
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 534.0,
"function_hash": "108805007350473464965811548063496124787"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1e52e6cfec6342c3d0df47dc3a76724fb3dabf56",
"id": "CVE-2022-50048-e86454dd",
"deprecated": false,
"target": {
"file": "net/netfilter/nf_tables_api.c"
},
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"327545146706925751354500517532087058596",
"37460846584326298250225682707864016882",
"135887754434591306839622117824220516099",
"318321731668738319083789927703285944439"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c485c35ff6783ccd12c160fcac6a0e504e83e0bf",
"id": "CVE-2022-50048-fab4f3bb",
"deprecated": false,
"target": {
"function": "nft_set_elem_expr_clone",
"file": "net/netfilter/nf_tables_api.c"
},
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 534.0,
"function_hash": "108805007350473464965811548063496124787"
}
}
]