CVE-2022-49632

Summary

In the Linux kernel, the following vulnerability has been resolved:

icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.

While reading sysctl_icmp_errors_use_inbound_ifaddr, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1c2fb7f93cb20621772bf304f3dba0849942e5db < de9490c32bc10020efdd1509689a28f197d6dfb8affected
LinuxLinux1c2fb7f93cb20621772bf304f3dba0849942e5db < f9617844e4d5d6331dbce3fb19a24e5bda201e58affected
LinuxLinux1c2fb7f93cb20621772bf304f3dba0849942e5db < d2efabce81db7eed1c98fa1a3f203f0edd738ac3affected
LinuxLinux2.6.12affected
LinuxLinux0 < 2.6.12unaffected
LinuxLinux5.15.56 <= 5.15.*unaffected
LinuxLinux5.18.13 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References