CVE-2022-50837
Description
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path
If dsa_tag_8021q_setup() fails, for example due to the inability of the device to install a VLAN, the tag_8021q context of the switch will leak. Make sure it is freed on the error path.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory leak in Linux kernel's DSA tag_8021q register function on error path can lead to resource exhaustion.
The vulnerability resides in the error handling of dsa_tag_8021q_register(). If dsa_tag_8021q_setup() fails, for example due to the inability of the device to install a VLAN, the allocated tag_8021q context is not freed, causing a memory leak [1].
Exploitation requires triggering a failure in VLAN setup, which could be achieved by a local attacker with sufficient privileges or by manipulating network conditions to cause a VLAN installation error. No authentication is needed beyond local access.
The impact is a kernel memory leak that, over time, may deplete system memory leading to system instability or denial of service.
The fix ensures the context is freed on the error path; this patch has been applied to stable kernel updates [2].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
409f30f394e8339691d51af9914ed46a13abae095493091e8Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4News mentions
0No linked articles in our index yet.