GHSA-5H9Q-VG2V-XG75

Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-13 21:31
VLAI?
Details

In the Linux kernel, the following vulnerability has been resolved:

xsk: Fix corrupted packets for XDP_SHARED_UMEM

Fix an issue in XDP_SHARED_UMEM mode together with aligned mode where packets are corrupted for the second and any further sockets bound to the same umem. In other words, this does not affect the first socket bound to the umem. The culprit for this bug is that the initialization of the DMA addresses for the pre-populated xsk buffer pool entries was not performed for any socket but the first one bound to the umem. Only the linear array of DMA addresses was populated. Fix this by populating the DMA addresses in the xsk buffer pool for every socket bound to the same umem.

Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Show details on source website
To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-49972"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:24Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Fix corrupted packets for XDP_SHARED_UMEM\n\nFix an issue in XDP_SHARED_UMEM mode together with aligned mode where\npackets are corrupted for the second and any further sockets bound to\nthe same umem. In other words, this does not affect the first socket\nbound to the umem. The culprit for this bug is that the initialization\nof the DMA addresses for the pre-populated xsk buffer pool entries was\nnot performed for any socket but the first one bound to the umem. Only\nthe linear array of DMA addresses was populated. Fix this by populating\nthe DMA addresses in the xsk buffer pool for every socket bound to the\nsame umem.",
  "id": "GHSA-5h9q-vg2v-xg75",
  "modified": "2025-11-13T21:31:17Z",
  "published": "2025-06-18T12:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49972"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2c75891d56ab6fe5ba0d415bfad91d514a4027cd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/58ca14ed98c87cfe0d1408cc65a9745d9e9b7a56"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.