4.7

CVE-2022-49638

icmp: Fix data-races around sysctl.

In the Linux kernel, the following vulnerability has been resolved:

icmp: Fix data-races around sysctl.

While reading icmp sysctl variables, they can be changed concurrently.
So, we need to add READ_ONCE() to avoid data-races.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.18 < 4.9.324
LinuxLinux Kernel Version >= 4.10 < 4.14.289
LinuxLinux Kernel Version >= 4.15 < 4.19.253
LinuxLinux Kernel Version >= 4.20 < 5.4.207
LinuxLinux Kernel Version >= 5.5 < 5.10.132
LinuxLinux Kernel Version >= 5.11 < 5.15.56
LinuxLinux Kernel Version >= 5.16 < 5.18.13
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
LinuxLinux Kernel Version5.19 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.063
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/0cba7ca667ceb06934746ddd9833a25847bde81d
Patch
https://git.kernel.org/stable/c/1740e5922fbb705637ae9fa5203db132fc45f9f6
Patch
https://git.kernel.org/stable/c/48d7ee321ea5182c6a70782aa186422a70e67e22
Patch
https://git.kernel.org/stable/c/53ecd09ef2fb35fa69667ae8e414ef6b00fd3bf6
Patch
https://git.kernel.org/stable/c/798c2cf57c63ab39c8aac24d6a3d50f4fa5eeb06
Patch
https://git.kernel.org/stable/c/e088ceb73c24ab4774da391d54a6426f4bfaefce
Patch
https://git.kernel.org/stable/c/e2828e8c605853f71267825c9415437c0a93e4f2
Patch
https://git.kernel.org/stable/c/edeec63b13c252193d626c2a48d7a2f0e7016dc2
Patch