vulnerability

Red Hat: CVE-2022-47929: NULL pointer dereference in traffic control subsystem (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	2023-01-17	2023-05-15	2025-03-21

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

2023-01-17

Added

2023-05-15

Modified

2025-03-21

Description

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c.

Solution(s)

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

NVD-CVE-2022-47929
REDHAT-RHSA-2023:2148
REDHAT-RHSA-2023:2458
REDHAT-RHSA-2023:2736
REDHAT-RHSA-2023:2951
REDHAT-RHSA-2024:0412

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today