CVE-2022-49450: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49450 is a vulnerability in the Linux kernel's AF_RXRPC implementation, specifically related to the listen() handler functionality. The vulnerability was discovered in 2022 and publicly disclosed in February 2025. The issue affects the Linux kernel's network stack, particularly the RXRPC protocol implementation (Kernel Git).

The vulnerability occurs in the AFRXRPC's listen() handler, which allows setting the backlog up to 32 (through sysctl configuration). While the preallocation circular buffers have 32 slots, one slot must remain empty due to the CIRCCNT() implementation. When listen(rxrpcsock, 32) is called, it causes an oops condition during socket closure because rxrpcservicepreallocone() allocates one too many calls, and rxrpcdiscardprealloc() fails to clear them, believing the ring is empty (Kernel Git).

When exploited, the vulnerability results in a kernel NULL pointer dereference at address 0x86. This occurs when rxrpcreleasecallsonsocket() attempts to abort calls with an unset call->peer pointer, leading to a kernel oops condition that could potentially crash the system (NVD).

The fix involves modifying the maximum backlog value to RXRPCBACKLOGMAX - 1 to match the actual ring capacity. This change has been implemented in the kernel source through a patch that adjusts the sysctl configuration limits (Kernel Git).