CVE-2022-50764

Published: Dec 24, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC() to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit() is not protected by a spinlock. While original KCSAN report was about tx path, rx path has the same issue.

Vendor	Product	Versions
Linux	Linux	affected `8df40d1033d64597dcf1efd4f7547e817f7a953b - < 222cc04356984f3f98acfa756a69d4bed7c501ac` affected `8df40d1033d64597dcf1efd4f7547e817f7a953b - < 4eed93bb3e57b8cc78d17166a14e40a73276015a` affected `8df40d1033d64597dcf1efd4f7547e817f7a953b - < 207501a986831174df09a36a8cb62a28f92f0dc8` affected `8df40d1033d64597dcf1efd4f7547e817f7a953b - < cb34b7cf17ecf33499c9298943f85af247abc1e9`
Linux	Linux	affected `2.6.37` unaffected `0 - < 2.6.37` unaffected `5.15.86 - <= 5.15.` unaffected `6.0.16 - <= 6.0.` unaffected `6.1.2 - <= 6.1.*` +1 more versions

References

https://git.kernel.org/stable/c/222cc04356984f3f98acfa756a69d4bed7c501ac

https://git.kernel.org/stable/c/4eed93bb3e57b8cc78d17166a14e40a73276015a

https://git.kernel.org/stable/c/207501a986831174df09a36a8cb62a28f92f0dc8

https://git.kernel.org/stable/c/cb34b7cf17ecf33499c9298943f85af247abc1e9

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-50764

Description

Affected Products

References