{"id":"CVE-2022-4129","details":"A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.","modified":"2026-04-16T00:06:10.919403859Z","published":"2022-11-28T22:15:11.180Z","related":["ALSA-2023:2148","ALSA-2023:2458","ALSA-2023:2736","ALSA-2023:2951","SUSE-SU-2022:4503-1","SUSE-SU-2022:4504-1","SUSE-SU-2022:4585-1","SUSE-SU-2022:4589-1","SUSE-SU-2022:4613-1","SUSE-SU-2022:4614-1","SUSE-SU-2022:4616-1","SUSE-SU-2022:4617-1","SUSE-SU-2023:0747-1","SUSE-SU-2023:0762-1","SUSE-SU-2023:0768-1","SUSE-SU-2023:0770-1","SUSE-SU-2023:0852-1","SUSE-SU-2025:02846-1"],"references":[{"type":"WEB","url":"https://lore.kernel.org/all/20221114191619.124659-1-jakub%40cloudflare.com/t"},{"type":"WEB","url":"https://lore.kernel.org/netdev/20221121085426.21315-1-jakub%40cloudflare.com/t"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7X5SPXMXXFANDASPCKER2JIQO2F3UHCP/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AM5KFIE6JNZXHBA5A2KYDZAT3MEX2B67/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOKXNIM2R4FQCDRQV67UMAY6EBC72QFG/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-4129.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]},{"events":[{"introduced":"0"},{"last_affected":"37"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}