CVE-2022-49578
4.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
ip: Fix data-races around sysctl_ip_prot_sock.
sysctl_ip_prot_sock is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 4548b683b78137f8eadeb312b94e20bb0d4a7141 < 9add240f76af6d141d2eebd3a1558a0e503a993d | affected |
| Linux | Linux | 4548b683b78137f8eadeb312b94e20bb0d4a7141 < 95724fe897a4ecf2be51452ef96e818568071664 | affected |
| Linux | Linux | 4548b683b78137f8eadeb312b94e20bb0d4a7141 < ef699813d99cc29e6e25c9f6da7766526cc8bd6e | affected |
| Linux | Linux | 4548b683b78137f8eadeb312b94e20bb0d4a7141 < 9b55c20f83369dd54541d9ddbe3a018a8377f451 | affected |
| Linux | Linux | 4.11 | affected |
| Linux | Linux | 0 < 4.11 | unaffected |
| Linux | Linux | 5.10.134 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.58 <= 5.15.* | unaffected |
| Linux | Linux | 5.18.15 <= 5.18.* | unaffected |
| Linux | Linux | 5.19 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/9add240f76af6d141d2eebd3a1558a0e503a993d
- https://git.kernel.org/stable/c/95724fe897a4ecf2be51452ef96e818568071664
- https://git.kernel.org/stable/c/ef699813d99cc29e6e25c9f6da7766526cc8bd6e
- https://git.kernel.org/stable/c/9b55c20f83369dd54541d9ddbe3a018a8377f451
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.