VYPR
High severity7.1NVD Advisory· Published May 1, 2025· Updated Jun 17, 2026

CVE-2022-49844

CVE-2022-49844

Description

In the Linux kernel, the following vulnerability has been resolved:

can: dev: fix skb drop check

In commit a6d190f8c767 ("can: skb: drop tx skb if in listen only mode") the priv->ctrlmode element is read even on virtual CAN interfaces that do not create the struct can_priv at startup. This out-of-bounds read may lead to CAN frame drops for virtual CAN interfaces like vcan and vxcan.

This patch mainly reverts the original commit and adds a new helper for CAN interface drivers that provide the required information in struct can_priv.

[mkl: patch pch_can, too]

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.