Data Race Vulnerability in Linux Kernel's Networking Stack
CVE-2022-50323

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
15 September 2025

What is CVE-2022-50323?

A vulnerability exists in the Linux kernel's networking stack, specifically in the skb_append_pagefrags() function. This function, used by various networking implementations, has been found to improperly sense pfmemalloc status for pages owned by user space. This can lead to a data race condition, where concurrent tasks can access and modify shared memory without appropriate synchronization. The issue has been documented by the Kernel Concurrency Sanitizer and is of concern for applications relying on reliable network communication, as it could result in undefined behavior or crashes.

Affected Version(s)

Linux 8527c9a6bf8e54fef0a8d3d7d8874a48c725c915 < 92b4c5c3fa810212da20088bcc6c0a77fc8607bd

Linux 3261400639463a853ba2b3be8bd009c2a8089775 < 847a2859814b31392340a2b16604b25afaa92dcc

Linux 3261400639463a853ba2b3be8bd009c2a8089775 < 228ebc41dfab5b5d34cd76835ddb0ca8ee12f513

References

https://git.kernel.org/stable/c/92b4c5c3fa810212da20088bc...
https://git.kernel.org/stable/c/847a2859814b31392340a2b16...
https://git.kernel.org/stable/c/228ebc41dfab5b5d34cd76835...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-50323 : Data Race Vulnerability in Linux Kernel's Networking Stack