4.7

CVE-2022-49595

tcp: Fix a data-race around sysctl_tcp_probe_threshold.

In the Linux kernel, the following vulnerability has been resolved:

tcp: Fix a data-race around sysctl_tcp_probe_threshold.

While reading sysctl_tcp_probe_threshold, it can be changed concurrently.
Thus, we need to add READ_ONCE() to its reader.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.1 < 4.9.325
LinuxLinux Kernel Version >= 4.10 < 4.14.290
LinuxLinux Kernel Version >= 4.15 < 4.19.254
LinuxLinux Kernel Version >= 4.20 < 5.4.208
LinuxLinux Kernel Version >= 5.5 < 5.10.134
LinuxLinux Kernel Version >= 5.11 < 5.15.58
LinuxLinux Kernel Version >= 5.16 < 5.18.15
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
LinuxLinux Kernel Version5.19 Updaterc6
LinuxLinux Kernel Version5.19 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.079
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/44768749980d53bc01980d9c060f736808d11af0
Patch
https://git.kernel.org/stable/c/92c0aa4175474483d6cf373314343d4e624e882a
Patch
https://git.kernel.org/stable/c/96900fa61777402eb5056269d8000aace33a8b6c
Patch
https://git.kernel.org/stable/c/9b5dc7ad6da1373d3c60d4b869d688f996e5d219
Patch
https://git.kernel.org/stable/c/b04817c94fbd285a967d9b830b274fe9998c9c0b
Patch
https://git.kernel.org/stable/c/d452ce36f2d4c402fa3f5275c9677f80166e7fc6
Patch
https://git.kernel.org/stable/c/f524c3e7f6cdad66b3b6a912cef47b656f8b0de3
Patch
https://git.kernel.org/stable/c/fa5fb2cf9393db898772db8cb897ed5fd265eb78
Patch