4.7

CVE-2022-49572

tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.

In the Linux kernel, the following vulnerability has been resolved:

tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.

While reading sysctl_tcp_slow_start_after_idle, it can be changed
concurrently.  Thus, we need to add READ_ONCE() to its readers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.18 < 4.19.254
LinuxLinux Kernel Version >= 4.20 < 5.4.208
LinuxLinux Kernel Version >= 5.5 < 5.10.134
LinuxLinux Kernel Version >= 5.11 < 5.15.58
LinuxLinux Kernel Version >= 5.16 < 5.18.15
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
LinuxLinux Kernel Version5.19 Updaterc6
LinuxLinux Kernel Version5.19 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.079
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/0e3f82a03ec8c3808e87283e12946227415706c9
Patch
https://git.kernel.org/stable/c/369d99c2b89f54473adcf9acdf40ea562b5a6e0e
Patch
https://git.kernel.org/stable/c/3b26e11b07a09b31247688bec61e2925d4a571b6
Patch
https://git.kernel.org/stable/c/41aeba4506f6b70ec7500c6fe202731a4ba29fe5
Patch
https://git.kernel.org/stable/c/4845b5713ab18a1bb6e31d1fbb4d600240b8b691
Patch
https://git.kernel.org/stable/c/68b6f9506747d507c7bfa374d178929b4157e8c6
Patch