SB20250916375 - Buffer overflow in Linux kernel vmw_vsock
Published: September 16, 2025 Updated: September 22, 2025
Security Bulletin ID
SB20250916375
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2022-50271)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the EXPORT_SYMBOL_GPL() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0d720c3f0a03e97867deab7e480ba3d3e19837ba
- https://git.kernel.org/stable/c/0e3f72931fc47bb81686020cc643cde5d9cd0bb8
- https://git.kernel.org/stable/c/36c9f340c60413e28f980c0224c4e9d35851526b
- https://git.kernel.org/stable/c/7aac8c63f604e6a6a46560c0f0188cd0332cf320
- https://git.kernel.org/stable/c/a99fc6d818161d6f1ff3307de8bf5237f6cc34d8
- https://git.kernel.org/stable/c/b4a5905fd2ef841cd61e969ea692c213c2e5c1f7
- https://git.kernel.org/stable/c/e28a4e7f0296824c61a81e7fd54ab48bad3e75ad
- https://git.kernel.org/stable/c/e6d0152c95108651f1880c1ddfab47cb9e3e62d0
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.220