1069 matches found
CVE-2022-49634 sysctl: Fix data-races in proc_dou8vec_minmax().
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data-races in procdou8vecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...
CVE-2022-49634
CVE-2022-49634 : In the Linux kernel, there are data-races in sysctl access to proc_dou8vec_minmax() due to concurrent readers/writers. The fix changes proc_dou8vec_minmax() to use internal READ_ONCE() and WRITE_ONCE() to mitigate races on the sysctl side. The patch notes indicate the function it...
CVE-2022-49632 icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctlicmperrorsuseinboundifaddr. While reading sysctlicmperrorsuseinboundifaddr, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49633 icmp: Fix data-races around sysctl_icmp_echo_enable_probe.
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49632
CVE-2022-49632 is a Linux kernel data-race vulnerability in icmp: reading sysctl_icmp_errors_use_inbound_ifaddr can race with concurrent writes. The fix adds READ_ONCE() to the reader. CVSSv3.1 indicates a Local access requirement, High attack complexity, Low privileges, no user interaction, with...
CVE-2022-49633
In the Linux kernel (CVE-2022-49633), a data-race was fixed in icmp_echo_enable_probe where readers could observe concurrent writes. The mitigation adds READ_ONCE() to readers to prevent reading torn data. The provided connected docs confirm this resolution and describe the underlying issue and f...
CVE-2022-49632 icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctlicmperrorsuseinboundifaddr. While reading sysctlicmperrorsuseinboundifaddr, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49631 raw: Fix a data-race around sysctl_raw_l3mdev_accept.
In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctlrawl3mdevaccept. While reading sysctlrawl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49630 tcp: Fix a data-race around sysctl_tcp_ecn_fallback.
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49604 ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipfwdusepmtu. While reading sysctlipfwdusepmtu, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49604
CVE-2022-49604 is a Linux kernel vulnerability involving a data race in the sysctl_ip_fwd_use_pmtu path. The issue occurs when reading the sysctl while it can be modified concurrently, creating a race condition that can lead to inconsistent reads. The documented fix is to guard readers with READ_...
CVE-2022-49603 ip: Fix data-races around sysctl_ip_fwd_update_priority.
In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipfwdupdatepriority. While reading sysctlipfwdupdatepriority, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49602 ip: Fix a data-race around sysctl_fwmark_reflect.
In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlfwmarkreflect. While reading sysctlfwmarkreflect, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49603
In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipfwdupdatepriority. While reading sysctlipfwdupdatepriority, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49600 ip: Fix a data-race around sysctl_ip_autobind_reuse.
In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlipautobindreuse. While reading sysctlipautobindreuse, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49600 ip: Fix a data-race around sysctl_ip_autobind_reuse.
In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlipautobindreuse. While reading sysctlipautobindreuse, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49601 tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctltcpfwmarkaccept. While reading sysctltcpfwmarkaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49601 tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctltcpfwmarkaccept. While reading sysctltcpfwmarkaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49600 ip: Fix a data-race around sysctl_ip_autobind_reuse.
In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlipautobindreuse. While reading sysctlipautobindreuse, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49601
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctltcpfwmarkaccept. While reading sysctltcpfwmarkaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...