CVE-2022-49588

MEDIUM

Linux Kernel 5.10.188-5.11 - Data Race in sysctl_tcp_migrate_req

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_migrate_req. While reading sysctl_tcp_migrate_req, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/fcf6c6d8aeffebca66f37b17ef1b57112e5e09c1

Patch

https://git.kernel.org/stable/c/6e569a11eea20a1ccebc3c4e6366bf0574a449e1

Patch

https://git.kernel.org/stable/c/4177f545895b1da08447a80692f30617154efa6e

Scores

CVSS v3 4.7

EPSS 0.0017

EPSS Percentile 6.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-362

Status published

Products (12)

Linux/Linux < 5.14

Linux/Linux 5.10.188 - 5.11

Linux/Linux 5.14

Linux/Linux 5.15.58 - 5.15.*

Linux/Linux 5.18.15 - 5.18.*

Linux/Linux 5.19

Linux/Linux cf6c06ac74879726c88fe1ec013727006cdbdd58

Linux/Linux f9ac779f881c2ec3d1cdcd7fa9d4f9442bf60e80 - 4177f545895b1da08447a80692f30617154efa6e

Linux/Linux f9ac779f881c2ec3d1cdcd7fa9d4f9442bf60e80 - 6e569a11eea20a1ccebc3c4e6366bf0574a449e1

Linux/Linux f9ac779f881c2ec3d1cdcd7fa9d4f9442bf60e80 - fcf6c6d8aeffebca66f37b17ef1b57112e5e09c1

... and 2 more

Published Feb 26, 2025

Tracked Since Feb 18, 2026