CVE-2022-49844

HIGH 7.1

can: dev: fix skb drop check

CVSS Score

7.1

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 ("can: skb: drop tx skb if in listen only mode") the priv->ctrlmode element is read even on virtual CAN interfaces that do not create the struct can_priv at startup. This out-of-bounds read may lead to CAN frame drops for virtual CAN interfaces like vcan and vxcan. This patch mainly reverts the original commit and adds a new helper for CAN interface drivers that provide the required information in struct can_priv. [mkl: patch pch_can, too]

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 1, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

a6d190f8c7670068d8c154ef8477eca07b5e3574 < 386c49fe31ee748e053860b3bac7794a933ac9ac a6d190f8c7670068d8c154ef8477eca07b5e3574 < ae64438be1923e3c1102d90fd41db7afcfaf54cc

Linux / Linux

6.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/386c49fe31ee748e053860b3bac7794a933ac9ac git.kernel.org: https://git.kernel.org/stable/c/ae64438be1923e3c1102d90fd41db7afcfaf54cc