CVE-2022-49633

Summary

In the Linux kernel, the following vulnerability has been resolved:

icmp: Fix data-races around sysctl_icmp_echo_enable_probe.

While reading sysctl_icmp_echo_enable_probe, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd329ea5bd8845f0b196bf41b18b6173340d6e0e4 < cce955efa0ab81f7fb72e22beed372054c86005caffected
LinuxLinuxd329ea5bd8845f0b196bf41b18b6173340d6e0e4 < 05c615033174f1d19374f42285ccd8e9af13e427affected
LinuxLinuxd329ea5bd8845f0b196bf41b18b6173340d6e0e4 < 4a2f7083cc6cb72dade9a63699ca352fad26d1cdaffected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.15.56 <= 5.15.*unaffected
LinuxLinux5.18.13 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References