SB20250226677 - Race condition within a thread in Linux kernel ipv4
Published: February 26, 2025 Updated: May 11, 2025
Security Bulletin ID
SB20250226677
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Race condition within a thread (CVE-ID: CVE-2022-49574)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the tcp_rack_reo_wnd() and tcp_rack_update_reo_wnd() functions in net/ipv4/tcp_recovery.c, within the tcp_init_undo() function in net/ipv4/tcp_input.c. A local user can corrupt data.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/52ee7f5c4811ce6be1becd14d38ba1f8a8a0df81
- https://git.kernel.org/stable/c/92c35113c63306091df9211375eebd0abd8c2160
- https://git.kernel.org/stable/c/a31e2d0cb5cfa2aae3144cac04f25031d5d20fb4
- https://git.kernel.org/stable/c/c7a492db1f7c37c758a66915908677bd8bc5d368
- https://git.kernel.org/stable/c/d8781f7cd04091744f474a2bada74772084b9dc9
- https://git.kernel.org/stable/c/e7d2ef837e14a971a05f60ea08c47f3fed1a36e4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.254
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.58
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.15
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.208