4.7

CVE-2022-49586

tcp: Fix data-races around sysctl_tcp_fastopen.

In the Linux kernel, the following vulnerability has been resolved:

tcp: Fix data-races around sysctl_tcp_fastopen.

While reading sysctl_tcp_fastopen, it can be changed concurrently.
Thus, we need to add READ_ONCE() to its readers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.6 < 4.19.254
LinuxLinux Kernel Version >= 4.20 < 5.4.208
LinuxLinux Kernel Version >= 5.5 < 5.10.134
LinuxLinux Kernel Version >= 5.11 < 5.15.58
LinuxLinux Kernel Version >= 5.16 < 5.18.15
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
LinuxLinux Kernel Version5.19 Updaterc6
LinuxLinux Kernel Version5.19 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.079
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/03da610696a32578fc4f986479341ce9d430df08
Patch
https://git.kernel.org/stable/c/22938534c611136f35e2ca545bb668073ca5ef49
Patch
https://git.kernel.org/stable/c/25d53d858a6c0b89a6e69e376c2a57c4f4c2c8cc
Patch
https://git.kernel.org/stable/c/448ab998947996a0a451f8229f19087964cf2670
Patch
https://git.kernel.org/stable/c/539d9ab79eba3974b479cad61a8688c41fe62e12
Patch
https://git.kernel.org/stable/c/5a54213318c43f4009ae158347aa6016e3b9b55a
Patch