4.7

CVE-2022-49344

af_unix: Fix a data-race in unix_dgram_peer_wake_me().

In the Linux kernel, the following vulnerability has been resolved:

af_unix: Fix a data-race in unix_dgram_peer_wake_me().

unix_dgram_poll() calls unix_dgram_peer_wake_me() without `other`'s
lock held and check if its receive queue is full.  Here we need to
use unix_recvq_full_lockless() instead of unix_recvq_full(), otherwise
KCSAN will report a data-race.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.2.75 < 3.3
LinuxLinux Kernel Version >= 3.4.111 < 3.5
LinuxLinux Kernel Version >= 3.10.95 < 3.11
LinuxLinux Kernel Version >= 3.12.52 < 3.13
LinuxLinux Kernel Version >= 3.14.59 < 3.15
LinuxLinux Kernel Version >= 3.18.26 < 3.19
LinuxLinux Kernel Version >= 4.1.15 < 4.2
LinuxLinux Kernel Version >= 4.2.8 < 4.3
LinuxLinux Kernel Version >= 4.3.3 < 4.19.247
LinuxLinux Kernel Version >= 4.20 < 5.4.198
LinuxLinux Kernel Version >= 5.5 < 5.10.122
LinuxLinux Kernel Version >= 5.11 < 5.15.47
LinuxLinux Kernel Version >= 5.16 < 5.17.15
LinuxLinux Kernel Version >= 5.18 < 5.18.4
LinuxLinux Kernel Version5.19 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.084
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/556720013c36c193d9cbfb06e7b33e51f0c39fbf
Patch
https://git.kernel.org/stable/c/662a80946ce13633ae90a55379f1346c10f0c432
Patch
https://git.kernel.org/stable/c/71e8bfc7f838cabc60cba24e09ca84c4f8321ab2
Patch
https://git.kernel.org/stable/c/8801eb3ccd2e4e3b1a01449383e3321ae6dbd9d6
Patch
https://git.kernel.org/stable/c/95f0ba806277733bf6024e23e27e1be773701cca
Patch
https://git.kernel.org/stable/c/c61848500a3fd6867dfa4834b8c7f97133eceb9f
Patch
https://git.kernel.org/stable/c/c926ae58f24f7bd55aa2ea4add9f952032507913
Patch