CVE-2022-50837 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path If dsa_tag_8021q_setup() fails, for example due to the inability of the device to install a VLAN, the tag_8021q context of the switch will leak. Make sure it is freed on the error path.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/09f30f394e832ed09859b6a80fdd20668a9104ff
https://git.kernel.org/stable/c/14ed46a13aba42a6ddd85de6f6274090df3586a5
https://git.kernel.org/stable/c/39691d51af99f80efb9e365f94b8e0c791fa1a2f
https://git.kernel.org/stable/c/e095493091e850d5292ad01d8fbf5cde1d89ac53

History

Tue, 30 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path If dsa_tag_8021q_setup() fails, for example due to the inability of the device to install a VLAN, the tag_8021q context of the switch will leak. Make sure it is freed on the error path.
Title		net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/09f30f394e832ed09859b6a80fdd20668a9104ff https://git.kernel.org/stable/c/14ed46a13aba42a6ddd85de6f6274090df3586a5 https://git.kernel.org/stable/c/39691d51af99f80efb9e365f94b8e0c791fa1a2f https://git.kernel.org/stable/c/e095493091e850d5292ad01d8fbf5cde1d89ac53

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-30T12:10:57.049Z

Updated: 2025-12-30T12:10:57.049Z

Reserved: 2025-12-30T12:06:07.133Z

Link: CVE-2022-50837

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-30T13:15:58.243

Modified: 2025-12-30T13:15:58.243

Link: CVE-2022-50837

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2022-50837", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-30T12:06:07.133Z", "datePublished": "2025-12-30T12:10:57.049Z", "dateUpdated": "2025-12-30T12:10:57.049Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-30T12:10:57.049Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path\n\nIf dsa_tag_8021q_setup() fails, for example due to the inability of the\ndevice to install a VLAN, the tag_8021q context of the switch will leak.\nMake sure it is freed on the error path."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/dsa/tag_8021q.c"], "versions": [{"version": "328621f6131f667c5c328bb72d45442fd76efb81", "lessThan": "09f30f394e832ed09859b6a80fdd20668a9104ff", "status": "affected", "versionType": "git"}, {"version": "328621f6131f667c5c328bb72d45442fd76efb81", "lessThan": "39691d51af99f80efb9e365f94b8e0c791fa1a2f", "status": "affected", "versionType": "git"}, {"version": "328621f6131f667c5c328bb72d45442fd76efb81", "lessThan": "14ed46a13aba42a6ddd85de6f6274090df3586a5", "status": "affected", "versionType": "git"}, {"version": "328621f6131f667c5c328bb72d45442fd76efb81", "lessThan": "e095493091e850d5292ad01d8fbf5cde1d89ac53", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/dsa/tag_8021q.c"], "versions": [{"version": "5.15", "status": "affected"}, {"version": "0", "lessThan": "5.15", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.86", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.0.16", "lessThanOrEqual": "6.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.2", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "5.15.86"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.0.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.1.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/09f30f394e832ed09859b6a80fdd20668a9104ff"}, {"url": "https://git.kernel.org/stable/c/39691d51af99f80efb9e365f94b8e0c791fa1a2f"}, {"url": "https://git.kernel.org/stable/c/14ed46a13aba42a6ddd85de6f6274090df3586a5"}, {"url": "https://git.kernel.org/stable/c/e095493091e850d5292ad01d8fbf5cde1d89ac53"}], "title": "net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path", "x_generator": {"engine": "bippy-1.2.0"}}}}