CVE-2022-49844 can: dev: fix skb drop check

In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...

CVE-2022-49844

The collection confirms CVE-2022-49844 affects the Linux kernel CAN subsystem. The issue arises from reading priv->ctrlmode in virtual CAN interfaces (e.g., vcan, vxcan) when some interfaces do not create struct can_priv at startup, causing an out-of-bounds read and CAN frame drops. The refere...