CVE-2022-49593

Summary

In the Linux kernel, the following vulnerability has been resolved:

tcp: Fix a data-race around sysctl_tcp_probe_interval.

While reading sysctl_tcp_probe_interval, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux05cbc0db03e82128f2e7e353d4194dd24a1627fe < 80dabd089086e6553b7acfcff2ec223bdada87a1affected
LinuxLinux05cbc0db03e82128f2e7e353d4194dd24a1627fe < b3798d3519eda9c409bb0815b0102f27ec42468daffected
LinuxLinux05cbc0db03e82128f2e7e353d4194dd24a1627fe < 73a11588751a2c13f25d9da8117efc9a79b1843faffected
LinuxLinux05cbc0db03e82128f2e7e353d4194dd24a1627fe < c61aede097d350d890fa1edc9521b0072e14a0b8affected
LinuxLinux05cbc0db03e82128f2e7e353d4194dd24a1627fe < e6b6f027e2854a51f345a5e3e808d7a88001d4f8affected
LinuxLinux05cbc0db03e82128f2e7e353d4194dd24a1627fe < b14cc8afbbcbc6dce4797913c0b85266b897f541affected
LinuxLinux05cbc0db03e82128f2e7e353d4194dd24a1627fe < 2a85388f1d94a9f8b5a529118a2c5eaa0520d85caffected
LinuxLinux4.1affected
LinuxLinux0 < 4.1unaffected
LinuxLinux4.14.290 <= 4.14.*unaffected
LinuxLinux4.19.254 <= 4.19.*unaffected
LinuxLinux5.4.208 <= 5.4.*unaffected
LinuxLinux5.10.134 <= 5.10.*unaffected
LinuxLinux5.15.58 <= 5.15.*unaffected
LinuxLinux5.18.15 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References