SB20250226685 - Race condition within a thread in Linux kernel ipv4
Published: February 26, 2025 Updated: May 11, 2025
Security Bulletin ID
SB20250226685
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Race condition within a thread (CVE-ID: CVE-2022-49586)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the tcp_fastopen_no_cookie() and tcp_try_fastopen() functions in net/ipv4/tcp_fastopen.c, within the tcp_sendmsg_fastopen() and do_tcp_setsockopt() functions in net/ipv4/tcp.c, within the inet_listen() function in net/ipv4/af_inet.c. A local user can corrupt data.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/03da610696a32578fc4f986479341ce9d430df08
- https://git.kernel.org/stable/c/22938534c611136f35e2ca545bb668073ca5ef49
- https://git.kernel.org/stable/c/25d53d858a6c0b89a6e69e376c2a57c4f4c2c8cc
- https://git.kernel.org/stable/c/448ab998947996a0a451f8229f19087964cf2670
- https://git.kernel.org/stable/c/539d9ab79eba3974b479cad61a8688c41fe62e12
- https://git.kernel.org/stable/c/5a54213318c43f4009ae158347aa6016e3b9b55a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.254
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.58
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.15
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.208