CVE-2022-49575
4.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
While reading sysctl_tcp_thin_linear_timeouts, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 36e31b0af58728071e8023cf8e20c5166b700717 < f4b0295be9a3c4260de4585fac4062e602a88ac7 | affected |
| Linux | Linux | 36e31b0af58728071e8023cf8e20c5166b700717 < 492f3713b282c0e67e951cd804edd22eccc25412 | affected |
| Linux | Linux | 36e31b0af58728071e8023cf8e20c5166b700717 < cc133e4f4bc225079198192623945bb872c08143 | affected |
| Linux | Linux | 36e31b0af58728071e8023cf8e20c5166b700717 < 404c53ccdebd11f96954f4070cffac8e0b4d5cb6 | affected |
| Linux | Linux | 36e31b0af58728071e8023cf8e20c5166b700717 < a0f96c4f179cb3560078cefccef105e8f1701210 | affected |
| Linux | Linux | 36e31b0af58728071e8023cf8e20c5166b700717 < 7c6f2a86ca590d5187a073d987e9599985fb1c7c | affected |
| Linux | Linux | 2.6.34 | affected |
| Linux | Linux | 0 < 2.6.34 | unaffected |
| Linux | Linux | 4.19.254 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.208 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.134 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.58 <= 5.15.* | unaffected |
| Linux | Linux | 5.18.15 <= 5.18.* | unaffected |
| Linux | Linux | 5.19 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/f4b0295be9a3c4260de4585fac4062e602a88ac7
- https://git.kernel.org/stable/c/492f3713b282c0e67e951cd804edd22eccc25412
- https://git.kernel.org/stable/c/cc133e4f4bc225079198192623945bb872c08143
- https://git.kernel.org/stable/c/404c53ccdebd11f96954f4070cffac8e0b4d5cb6
- https://git.kernel.org/stable/c/a0f96c4f179cb3560078cefccef105e8f1701210
- https://git.kernel.org/stable/c/7c6f2a86ca590d5187a073d987e9599985fb1c7c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.