CVE-2022-49602

Summary

In the Linux kernel, the following vulnerability has been resolved:

ip: Fix a data-race around sysctl_fwmark_reflect.

While reading sysctl_fwmark_reflect, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe110861f86094cd78cc85593b873970092deb43a < fc92e3b4bebfdd986ef1d2c5019f236837b0b982affected
LinuxLinuxe110861f86094cd78cc85593b873970092deb43a < 5e7a1be3e68deef250ad43cc91f7bb8d7d758b48affected
LinuxLinuxe110861f86094cd78cc85593b873970092deb43a < 9096edcf4854289f92252e086cf6e498c7f8c21daffected
LinuxLinuxe110861f86094cd78cc85593b873970092deb43a < 25a635a67c830766110410fea88ec4e6ee29684baffected
LinuxLinuxe110861f86094cd78cc85593b873970092deb43a < 0ee76fe01ff3c0b4efaa500aecc90d7c8d3a8860affected
LinuxLinuxe110861f86094cd78cc85593b873970092deb43a < dccf8a67f30e18980d13f07006e5a536bbd1e136affected
LinuxLinuxe110861f86094cd78cc85593b873970092deb43a < a475ecc9ad919aa3ebdd4e4a6ee612b793bf74b3affected
LinuxLinuxe110861f86094cd78cc85593b873970092deb43a < 85d0b4dbd74b95cc492b1f4e34497d3f894f5d9aaffected
LinuxLinux3.16affected
LinuxLinux0 < 3.16unaffected
LinuxLinux4.9.325 <= 4.9.*unaffected
LinuxLinux4.14.290 <= 4.14.*unaffected
LinuxLinux4.19.254 <= 4.19.*unaffected
LinuxLinux5.4.208 <= 5.4.*unaffected
LinuxLinux5.10.134 <= 5.10.*unaffected
LinuxLinux5.15.58 <= 5.15.*unaffected
LinuxLinux5.18.15 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References