Detections
Analytics

CVE-2022-50783

medium

Description

In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from TCP request sock in IPv4 was called even if the subflow was IPv6. It is important to use the right destructor to avoid memory leaks with some advanced IPv6 features, e.g. when the request socks contain specific IPv6 options.

References

https://git.kernel.org/stable/c/d3295fee3c756ece33ac0d935e172e68c0a4161b

https://git.kernel.org/stable/c/bd5dc96fea4edd16d2e22f41b4dd50a4cfbeb919

https://git.kernel.org/stable/c/6eb02c596ec02e5897ae377e065cb7df55337a96

https://git.kernel.org/stable/c/1922ea6b0ae2ea0c9a09be0eafafe1cd1069d259

https://git.kernel.org/stable/c/092953f3c4cd65f88b27b87a922f6c725f34ee04

Details

Source: Mitre, NVD

Published: 2025-12-24

Updated: 2025-12-24

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018