#VU119748 Improper locking in Linux kernel - CVE-2022-50676
Published: December 10, 2025 / Updated: December 12, 2025
Vulnerability identifier: #VU119748
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50676
CWE-ID: CWE-667
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rds_tcp_reset_callbacks() function in net/rds/tcp.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/2425007c0967a7c04b0dee7cce05ecf0ca869ad1
- https://git.kernel.org/stable/c/30bfa5aa7228eb1e67663d67e553627e572cc717
- https://git.kernel.org/stable/c/360aa7219285fac63dab99706a16f2daf3222abe
- https://git.kernel.org/stable/c/5d2ba255e93211e541373469dffbda7c99dfa0e5
- https://git.kernel.org/stable/c/a91b750fd6629354460282bbf5146c01b05c4859
- https://git.kernel.org/stable/c/afe7053c390fe8ff27d0c2ceaece5625283044ba
- https://git.kernel.org/stable/c/c380c28ab9b15fc53565909c814f6dd3e7f77c4b
- https://git.kernel.org/stable/c/da349221c4d2d4ac5f606c1c3b36d4ef0b3e6a0c
- https://git.kernel.org/stable/c/e3cb25d3ad08f5dbd53ce2b31720cad529944322
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.262