CVE-2022-50365

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-50365
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50365.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-50365
Downstream
Related
Published
2025-09-17T14:56:16.648Z
Modified
2026-04-11T12:44:57.060068Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
skbuff: Account for tail adjustment during pull operations
Details

In the Linux kernel, the following vulnerability has been resolved:

skbuff: Account for tail adjustment during pull operations

Extending the tail can have some unexpected side effects if a program uses a helper like BPFFUNCskbpulldata to read partial content beyond the head skb headlen when all the skbs in the gso fraglist are linear with no headfrag -

kernel BUG at net/core/skbuff.c:4219! pc : skbsegment+0xcf4/0xd2c lr : skbsegment+0x63c/0xd2c Call trace: skb_segment+0xcf4/0xd2c __udpgsosegment+0xa4/0x544 udp4ufofragment+0x184/0x1c0 inetgsosegment+0x16c/0x3a4 skbmacgso_segment+0xd4/0x1b0 __skbgsosegment+0xcc/0x12c udprcvsegment+0x54/0x16c udpqueuercvskb+0x78/0x144 udpunicastrcvskb+0x8c/0xa4 __udp4librcv+0x490/0x68c udprcv+0x20/0x30 ipprotocoldeliverrcu+0x1b0/0x33c iplocaldeliver+0xd8/0x1f0 iprcv+0x98/0x1a4 deliverptypelistskb+0x98/0x1ec _netifreceiveskbcore+0x978/0xc60

Fix this by marking these skbs as GSO_DODGY so segmentation can handle the tail updates accordingly.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50365.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
162a5a8c3aff15c449e6b38355cdf80ab4f77a5a
Fixed
ff3743d00f41d803e6ab9334962b674f3b7fd0cb
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
55fb612bef7fd237fb70068e2b6ff1cd1543a8ef
Fixed
6ac417d71b80e74b002313fcd73f7e9008e8e457
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
821302dd0c51d29269ef73a595bdff294419e2cd
Fixed
2d59f0ca153e9573ec4f140988c0ccca0eb4181b
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3dcbdb134f329842a38f0e6797191b885ab00a00
Fixed
668dc454bcbd1da73605201ff43f988c70848215
Fixed
821be5a5ab09a40ba09cb5ba354f18cf7996fea0
Fixed
8fb773eed4909ef5dc1bbeb3629a337d3336df7e
Fixed
946dd5dc4fcc4123cdfe3942b20012c4448cf89a
Fixed
331615d837f4979eb91a336a223a5c7f7886ecd5
Fixed
2d7afdcbc9d32423f177ee12b7c93783aea338fb
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
92984818ff8cfd97311a5e0ac27f148a00df2b54

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50365.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.9.337
Type
ECOSYSTEM
Events
Introduced
4.10.0
Fixed
4.14.303
Type
ECOSYSTEM
Events
Introduced
4.15.0
Fixed
4.19.270
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.229
Type
ECOSYSTEM
Events
Introduced
5.3.0
Fixed
5.10.163
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.15.86
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
6.0.16
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50365.json"