SB20251226133 - Use-after-free in Linux kernel core
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB20251226133
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2022-50780)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the net_assign_generic() and ops_init() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/4a4df5e78712de39d6f90d6a64b5eb48dca03bd5
- https://git.kernel.org/stable/c/5a2ea549be94924364f6911227d99be86e8cf34a
- https://git.kernel.org/stable/c/97ad240fd9aa9214497d14af2b91608e20856cac
- https://git.kernel.org/stable/c/a1e18acb0246bfb001b08b8b1b830b5ec92a0f13
- https://git.kernel.org/stable/c/c3edc6e808209aa705185f732e682a370981ced1
- https://git.kernel.org/stable/c/d266935ac43d57586e311a087510fe6a084af742
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.264
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.153
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.77
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.223
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.7
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1