vulnerability
Ubuntu: (CVE-2022-49234): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:C/I:N/A:C) | Feb 26, 2025 | Jun 26, 2025 | Sep 24, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: Avoid cross-chip syncing of VLAN filtering
Changes to VLAN filtering are not applicable to cross-chip
notifications.
On a system like this:
.-----. .-----. .-----.
| sw1 +---+ sw2 +---+ sw3 |
'-1-2-' '-1-2-' '-1-2-'
Before this change, upon sw1p1 leaving a bridge, a call to
dsa_port_vlan_filtering would also be made to sw2p1 and sw3p1.
In this scenario:
.---------. .-----. .-----.
| sw1 +---+ sw2 +---+ sw3 |
'-1-2-3-4-' '-1-2-' '-1-2-'
When sw1p4 would leave a bridge, dsa_port_vlan_filtering would be
called for sw2 and sw3 with a non-existing port - leading to array
out-of-bounds accesses and crashes on mv88e6xxx.
Solution
References
- CVE-2022-49234
- https://attackerkb.com/topics/CVE-2022-49234
- CWE-125
- URL-https://git.kernel.org/linus/108dc8741c203e9d6ce4e973367f1bac20c7192b
- URL-https://git.kernel.org/stable/c/108dc8741c203e9d6ce4e973367f1bac20c7192b
- URL-https://git.kernel.org/stable/c/e1f2a4dd8d433eec393d09273a78a3d3551339cf
- URL-https://www.cve.org/CVERecord?id=CVE-2022-49234
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.