115 matches found
UBUNTU-CVE-2022-49637
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibsyncmem. While reading sysctlfibsyncmem, it can be changed concurrently. So, we need to add READONCE to avoid a data-race...
CVE-2022-49640 sysctl: Fix data races in proc_douintvec_minmax().
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...
CVE-2022-49641 sysctl: Fix data races in proc_douintvec().
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch change...
CVE-2022-49641
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch change...
CVE-2022-49640
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...
CVE-2022-49641 sysctl: Fix data races in proc_douintvec().
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch change...
CVE-2022-49638
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...
CVE-2022-49639 cipso: Fix data-races around sysctl.
In the Linux kernel, the following vulnerability has been resolved: cipso: Fix data-races around sysctl. While reading cipso sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...
CVE-2022-49638 icmp: Fix data-races around sysctl.
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...
CVE-2022-49637 ipv4: Fix a data-race around sysctl_fib_sync_mem.
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibsyncmem. While reading sysctlfibsyncmem, it can be changed concurrently. So, we need to add READONCE to avoid a data-race...
CVE-2022-49631 raw: Fix a data-race around sysctl_raw_l3mdev_accept.
In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctlrawl3mdevaccept. While reading sysctlrawl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49631 raw: Fix a data-race around sysctl_raw_l3mdev_accept.
In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctlrawl3mdevaccept. While reading sysctlrawl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49629
The CVE-2022-49629 entry concerns a Linux kernel data race in nexthop_compat_mode where readers could observe concurrent changes. The vulnerability is triggered by reading nexthop_compat_mode while it is modified, and fixes require using READ_ONCE() in readers. Connected advisories (Astra Linux, ...
CVE-2022-49604 ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipfwdusepmtu. While reading sysctlipfwdusepmtu, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49602 ip: Fix a data-race around sysctl_fwmark_reflect.
In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlfwmarkreflect. While reading sysctlfwmarkreflect, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49602
In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlfwmarkreflect. While reading sysctlfwmarkreflect, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49603
CVE-2022-49603 concerns the Linux kernel where data races around sysctl_ip_fwd_update_priority could occur while readers access it concurrently. The fix adds READ_ONCE() to readers to prevent concurrent modification. Connected advisories (EulerOS/OpenVAS/Nessus) explicitly reference this vulnerab...
CVE-2022-49600
In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlipautobindreuse. While reading sysctlipautobindreuse, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49598
CVE-2022-49598 affects the Linux kernel, addressing a data-race around sysctl_tcp_mtu_probing. The issue arises when reading sysctl_tcp_mtu_probing, which could be modified concurrently. The root cause is a missing synchronization in readers of sysctl_tcp_mtu_probing; the fix is to add READ_ONCE(...
CVE-2022-49599
CVE-2022-49599 concerns a data race in the Linux kernel involving sysctl_tcp_l3mdev_accept. The connected advisories confirm the vulnerability is in the kernel’s handling of sysctl_tcp_l3mdev_accept and that the fix adds READ_ONCE() to the readers to prevent concurrent modification during reads. ...