#VU116574 Improper error handling in Linux kernel - CVE-2022-50476
Published: October 5, 2025 / Updated: October 27, 2025
Vulnerability identifier: #VU116574
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50476
CWE-ID: CWE-388
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ntb_netdev_rx_handler() and ntb_netdev_tx_handler() functions in drivers/net/ntb_netdev.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/07e28a8f450217db679802ebd4de0915556ce846
- https://git.kernel.org/stable/c/13286ad1c7c49c606fdcba4cf66f953a1a16c1ca
- https://git.kernel.org/stable/c/14d245da57a11e80277ab455aa9b6dcc5ed38a19
- https://git.kernel.org/stable/c/21296a52caa6a6bad6debdfe40ad81d4f1a27e69
- https://git.kernel.org/stable/c/5f7d78b2b12a9d561f48fa00bab29b40f4616dad
- https://git.kernel.org/stable/c/8b78493968ed3cef0326183ed059c55e42f24d5b
- https://git.kernel.org/stable/c/a6b9e09403102bdf8402dae734800e4916c7ea58
- https://git.kernel.org/stable/c/d4460c82177899751975180c268f352893302221
- https://git.kernel.org/stable/c/dd860b39aa7c7b82e6c99b6fdb99d4610ce49d67
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.303