Description

In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 ("can: skb: drop tx skb if in listen only mode") the priv->ctrlmode element is read even on virtual CAN interfaces that do not create the struct can_priv at startup. This out-of-bounds read may lead to CAN frame drops for virtual CAN interfaces like vcan and vxcan. This patch mainly reverts the original commit and adds a new helper for CAN interface drivers that provide the required information in struct can_priv. [mkl: patch pch_can, too]

INFO

Published Date :

2025-05-01T14:09:58.999Z

Last Modified :

2025-10-01T17:00:34.409Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49844 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49844.

URL Resource
https://git.kernel.org/stable/c/386c49fe31ee748e053860b3bac7794a933ac9ac cve-icon cve-icon
https://git.kernel.org/stable/c/ae64438be1923e3c1102d90fd41db7afcfaf54cc cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050141-CVE-2022-49844-e0b9@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49844 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49844 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact