4.7

CVE-2022-49639

cipso: Fix data-races around sysctl.

In the Linux kernel, the following vulnerability has been resolved:

cipso: Fix data-races around sysctl.

While reading cipso sysctl variables, they can be changed concurrently.
So, we need to add READ_ONCE() to avoid data-races.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.19 < 4.9.324
LinuxLinux Kernel Version >= 4.10 < 4.14.289
LinuxLinux Kernel Version >= 4.15 < 4.19.253
LinuxLinux Kernel Version >= 4.20 < 5.4.207
LinuxLinux Kernel Version >= 5.5 < 5.10.132
LinuxLinux Kernel Version >= 5.11 < 5.15.56
LinuxLinux Kernel Version >= 5.16 < 5.18.13
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
LinuxLinux Kernel Version5.19 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.063
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/07b0caf8aeb9b82e6ecc6c292a3e47c7fcdb1148
Patch
https://git.kernel.org/stable/c/0e41a0f73ccb9be112a80bde3804a771633caaef
Patch
https://git.kernel.org/stable/c/2764f82bbc158d106693ae3ced3675cf4b963b35
Patch
https://git.kernel.org/stable/c/59e26906b89cc35bb54476498772b45cbc32323f
Patch
https://git.kernel.org/stable/c/c321e99d2725d11f7e6a4ebd9ce752259f0bae81
Patch
https://git.kernel.org/stable/c/ca26ca5e2f3eeb3e6fe699cd6effa3b4b2aa8698
Patch
https://git.kernel.org/stable/c/dd44f04b9214adb68ef5684ae87a81ba03632250
Patch
https://git.kernel.org/stable/c/fe2a35fa2c4f9c8ce5ef970eb927031387f9446a
Patch