CVE-2022-49629

MEDIUM

Linux Kernel 5.8-5.10.131, 5.11-5.15.55, 5.16-5.18.12 - Data Race in nexthop_compat_mode

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthop_compat_mode. While reading nexthop_compat_mode, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/a51040d4b120f3520df64fb0b9c63b31d69bea9b

Patch

https://git.kernel.org/stable/c/0d17723afea3ae8c9f245c9bbd2ba5945b77e812

Patch

https://git.kernel.org/stable/c/ae3054f6fbccc90f14ecd6cf9b2c09a2401c64fd

Patch

https://git.kernel.org/stable/c/bdf00bf24bef9be1ca641a6390fd5487873e0d2e

Scores

CVSS v3 4.7

EPSS 0.0016

EPSS Percentile 6.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-362

Status published

Products (15)

linux/Kernel 5.11.0 - 5.15.56linux

linux/Kernel 5.16.0 - 5.18.13linux

linux/Kernel 5.8.0 - 5.10.132linux

Linux/Linux < 5.8

Linux/Linux 4f80116d3df3b23ee4b83ea8557629e1799bc230 - 0d17723afea3ae8c9f245c9bbd2ba5945b77e812

Linux/Linux 4f80116d3df3b23ee4b83ea8557629e1799bc230 - a51040d4b120f3520df64fb0b9c63b31d69bea9b

Linux/Linux 4f80116d3df3b23ee4b83ea8557629e1799bc230 - ae3054f6fbccc90f14ecd6cf9b2c09a2401c64fd

Linux/Linux 4f80116d3df3b23ee4b83ea8557629e1799bc230 - bdf00bf24bef9be1ca641a6390fd5487873e0d2e

Linux/Linux 5.10.132 - 5.10.*

Linux/Linux 5.15.56 - 5.15.*

... and 5 more

Published Feb 26, 2025

Tracked Since Feb 18, 2026