Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2022-50397
CVE-2022-50397:
Linux Kernel vulnerability analysis and mitigation
Overview
CVE-2022-50397 is a vulnerability in the Linux kernel affecting the net/ieee802154 subsystem, specifically related to zero-sized raw_sendmsg() handling. The vulnerability was published on September 18, 2025, and affects various Linux kernel versions across multiple distributions (NVD).
Technical details
The vulnerability involves the raw_sendmsg() function in the IEEE 802.15.4 networking stack where syzbot detected a skb_assert_len() warning. The issue is similar to what was previously addressed by commit dc633700f00f726e for net/af_packet regarding length checking when min_header_len equals 0 (NVD).
Impact
The vulnerability affects multiple Linux distributions including Ubuntu 22.04 LTS (jammy), 24.04 LTS (noble), and 25.04 (plucky), potentially impacting various kernel packages including mainline, AWS, Azure, and GCP kernel variants (Ubuntu).
Additional resources
Source: This report was generated using AI
Related Linux Kernel vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management