CVE-2022-49727

MEDIUM 5.5

ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg When len >= INT_MAX - transhdrlen, ulen = len + transhdrlen will be overflow. To fix, we can follow what udpv6 does and subtract the transhdrlen from the max.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Feb 26, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

a32e0eec7042b21ccb52896cf715e3e2641fed93 < 2cf73c7cb6125083408d77f43d0e84d86aed0000 a32e0eec7042b21ccb52896cf715e3e2641fed93 < 0e818d433fc2718fe4da044ffca7431812a7e04e a32e0eec7042b21ccb52896cf715e3e2641fed93 < 6c4e3486d21173d60925ef52e512cae727b43d30 a32e0eec7042b21ccb52896cf715e3e2641fed93 < 2f42389d270f2304c8855b0b63498a5a4d0c053d a32e0eec7042b21ccb52896cf715e3e2641fed93 < b8879ca1fd7348b4d5db7db86dcb97f60c73d751 a32e0eec7042b21ccb52896cf715e3e2641fed93 < 27a37755ceb401111ded76810359d3adc4b268a1 a32e0eec7042b21ccb52896cf715e3e2641fed93 < 034246122f5c5e2e2a0b9fe04e24517920e9beb1 a32e0eec7042b21ccb52896cf715e3e2641fed93 < f638a84afef3dfe10554c51820c16e39a278c915

Linux / Linux

3.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗