SB2025100549 - Improper error handling in Linux kernel net driver
Published: October 5, 2025 Updated: October 27, 2025
Security Bulletin ID
SB2025100549
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2022-50476)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ntb_netdev_rx_handler() and ntb_netdev_tx_handler() functions in drivers/net/ntb_netdev.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/07e28a8f450217db679802ebd4de0915556ce846
- https://git.kernel.org/stable/c/13286ad1c7c49c606fdcba4cf66f953a1a16c1ca
- https://git.kernel.org/stable/c/14d245da57a11e80277ab455aa9b6dcc5ed38a19
- https://git.kernel.org/stable/c/21296a52caa6a6bad6debdfe40ad81d4f1a27e69
- https://git.kernel.org/stable/c/5f7d78b2b12a9d561f48fa00bab29b40f4616dad
- https://git.kernel.org/stable/c/8b78493968ed3cef0326183ed059c55e42f24d5b
- https://git.kernel.org/stable/c/a6b9e09403102bdf8402dae734800e4916c7ea58
- https://git.kernel.org/stable/c/d4460c82177899751975180c268f352893302221
- https://git.kernel.org/stable/c/dd860b39aa7c7b82e6c99b6fdb99d4610ce49d67
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.303