4.7

CVE-2022-49601

tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.

In the Linux kernel, the following vulnerability has been resolved:

tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.

While reading sysctl_tcp_fwmark_accept, it can be changed concurrently.
Thus, we need to add READ_ONCE() to its reader.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.16 < 4.9.325
LinuxLinux Kernel Version >= 4.10 < 4.14.290
LinuxLinux Kernel Version >= 4.15 < 4.19.254
LinuxLinux Kernel Version >= 4.20 < 5.4.208
LinuxLinux Kernel Version >= 5.5 < 5.10.134
LinuxLinux Kernel Version >= 5.11 < 5.15.58
LinuxLinux Kernel Version >= 5.16 < 5.18.15
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
LinuxLinux Kernel Version5.19 Updaterc6
LinuxLinux Kernel Version5.19 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.079
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/13207f9485b5de68decf296ceb0046f5eabb2485
Patch
https://git.kernel.org/stable/c/1a0008f9df59451d0a17806c1ee1a19857032fa8
Patch
https://git.kernel.org/stable/c/45fc82706a97242539d6b841ddd7a077ec20757b
Patch
https://git.kernel.org/stable/c/526d8cf8824f613c72dba2155542295e70135f62
Patch
https://git.kernel.org/stable/c/a7386602a2fe2f6192477e8ede291a815da09d81
Patch
https://git.kernel.org/stable/c/abf70de2ec026ae8d7da4e79bec61888a880e00b
Patch
https://git.kernel.org/stable/c/bf3134feffe61b7a0e21f60a04743f8da0958b53
Patch
https://git.kernel.org/stable/c/d4f65615db7fca3df9f7e79eadf937e6ddb03c54
Patch