Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. While reading sysctl_tcp_fwmark_accept, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader.
CVSS Score
4.7 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 3.16, < 4.9.325 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/13207f9485b5de68decf296ceb0046f5eabb2485 (Patch)
- https://git.kernel.org/stable/c/1a0008f9df59451d0a17806c1ee1a19857032fa8 (Patch)
- https://git.kernel.org/stable/c/45fc82706a97242539d6b841ddd7a077ec20757b (Patch)
- https://git.kernel.org/stable/c/526d8cf8824f613c72dba2155542295e70135f62 (Patch)
- https://git.kernel.org/stable/c/a7386602a2fe2f6192477e8ede291a815da09d81 (Patch)
- https://git.kernel.org/stable/c/abf70de2ec026ae8d7da4e79bec61888a880e00b (Patch)
- https://git.kernel.org/stable/c/bf3134feffe61b7a0e21f60a04743f8da0958b53 (Patch)
- https://git.kernel.org/stable/c/d4f65615db7fca3df9f7e79eadf937e6ddb03c54 (Patch)
FAQ
What is CVE-2022-49601?
CVE-2022-49601 is a vulnerability with a CVSS score of 4.7 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. While reading sysctl_tcp_fwmark_accept, it can be changed concurrently....
How severe is CVE-2022-49601?
CVE-2022-49601 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2022-49601?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.