CVE-2022-49598

Summary

In the Linux kernel, the following vulnerability has been resolved:

tcp: Fix data-races around sysctl_tcp_mtu_probing.

While reading sysctl_tcp_mtu_probing, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5d424d5a674f782d0659a3b66d951f412901faee < 7e8fc428a7f680f1c4994a40e52d7f95a9a93038affected
LinuxLinux5d424d5a674f782d0659a3b66d951f412901faee < f966773e13cdd3f12baa90071b7b660f6c633ccbaffected
LinuxLinux5d424d5a674f782d0659a3b66d951f412901faee < 77a04845f0d28a3561494a5f3121488470a968a4affected
LinuxLinux5d424d5a674f782d0659a3b66d951f412901faee < aabe9438fdfe004e021d5a206227ec105dbe2416affected
LinuxLinux5d424d5a674f782d0659a3b66d951f412901faee < b0920ca09d9ce19980c8391b9002455baa9c1417affected
LinuxLinux5d424d5a674f782d0659a3b66d951f412901faee < f47d00e077e7d61baf69e46dde3210c886360207affected
LinuxLinux2.6.17affected
LinuxLinux0 < 2.6.17unaffected
LinuxLinux4.19.254 <= 4.19.*unaffected
LinuxLinux5.4.208 <= 5.4.*unaffected
LinuxLinux5.10.134 <= 5.10.*unaffected
LinuxLinux5.15.58 <= 5.15.*unaffected
LinuxLinux5.18.15 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References