CVE-2022-49578

MEDIUM

Linux Kernel 4.11-5.10.134, 5.11-5.15.58, 5.16-5.18.15 - Data Race in sysctl_ip_prot_sock

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_prot_sock. sysctl_ip_prot_sock is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/9add240f76af6d141d2eebd3a1558a0e503a993d

Patch

https://git.kernel.org/stable/c/95724fe897a4ecf2be51452ef96e818568071664

Patch

https://git.kernel.org/stable/c/ef699813d99cc29e6e25c9f6da7766526cc8bd6e

Patch

https://git.kernel.org/stable/c/9b55c20f83369dd54541d9ddbe3a018a8377f451

Scores

CVSS v3 4.7

EPSS 0.0018

EPSS Percentile 7.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-362

Status published

Products (15)

linux/Kernel 4.11.0 - 5.10.134linux

linux/Kernel 5.11.0 - 5.15.58linux

linux/Kernel 5.16.0 - 5.18.15linux

Linux/Linux < 4.11

Linux/Linux 4.11

Linux/Linux 4548b683b78137f8eadeb312b94e20bb0d4a7141 - 95724fe897a4ecf2be51452ef96e818568071664

Linux/Linux 4548b683b78137f8eadeb312b94e20bb0d4a7141 - 9add240f76af6d141d2eebd3a1558a0e503a993d

Linux/Linux 4548b683b78137f8eadeb312b94e20bb0d4a7141 - 9b55c20f83369dd54541d9ddbe3a018a8377f451

Linux/Linux 4548b683b78137f8eadeb312b94e20bb0d4a7141 - ef699813d99cc29e6e25c9f6da7766526cc8bd6e

Linux/Linux 5.10.134 - 5.10.*

... and 5 more

Published Feb 26, 2025

Tracked Since Feb 18, 2026