CVE-2022-50783
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/12/2025
Last modified:
24/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
mptcp: use proper req destructor for IPv6<br />
<br />
Before, only the destructor from TCP request sock in IPv4 was called<br />
even if the subflow was IPv6.<br />
<br />
It is important to use the right destructor to avoid memory leaks with<br />
some advanced IPv6 features, e.g. when the request socks contain<br />
specific IPv6 options.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/092953f3c4cd65f88b27b87a922f6c725f34ee04
- https://git.kernel.org/stable/c/1922ea6b0ae2ea0c9a09be0eafafe1cd1069d259
- https://git.kernel.org/stable/c/6eb02c596ec02e5897ae377e065cb7df55337a96
- https://git.kernel.org/stable/c/bd5dc96fea4edd16d2e22f41b4dd50a4cfbeb919
- https://git.kernel.org/stable/c/d3295fee3c756ece33ac0d935e172e68c0a4161b