kernel: tcp: Fix a data-race around sysctl_tcp_notsent_lowat.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpnotsentlowat. While reading sysctltcpnotsentlowat, it can be changed concurrently. Thus, we need to add READONCE to its reader...

kernel: ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibmultipathuseneigh. While reading sysctlfibmultipathuseneigh, it can be changed concurrently. Thus, we need to add READONCE to its reader...

kernel: tcp: Fix a data-race around sysctl_tcp_early_retrans.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be changed concurrently. Thus, we need to add READONCE to its reader...

kernel: ip: Fix a data-race around sysctl_fwmark_reflect.

In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlfwmarkreflect. While reading sysctlfwmarkreflect, it can be changed concurrently. Thus, we need to add READONCE to its reader...

kernel: tcp: Fix data-races around sysctl_tcp_migrate_req.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpmigratereq. While reading sysctltcpmigratereq, it can be changed concurrently. Thus, we need to add READONCE to its readers...

kernel: bpf: Fix a data-race around bpf_jit_limit.

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpfjitlimit. While reading bpfjitlimit, it can be changed concurrently via sysctl, WRITEONCE in doprocdoulongvecminmax. The size of bpfjitlimit is long, so we need to add a paired READONCE to avoid...

kernel: tcp: Fix data-races around sysctl_tcp_min_snd_mss.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpminsndmss. While reading sysctltcpminsndmss, it can be changed concurrently. Thus, we need to add READONCE to its readers...

kernel: ipv4: Fix data-races around sysctl_fib_multipath_hash_policy.

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctlfibmultipathhashpolicy. While reading sysctlfibmultipathhashpolicy, it can be changed concurrently. Thus, we need to add READONCE to its readers...

kernel: tcp: Fix data-races around sysctl_tcp_recovery.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcprecovery. While reading sysctltcprecovery, it can be changed concurrently. Thus, we need to add READONCE to its readers...

kernel: cipso: Fix data-races around sysctl.

In the Linux kernel, the following vulnerability has been resolved: cipso: Fix data-races around sysctl. While reading cipso sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...

kernel: sysctl: Fix data-races in proc_dou8vec_minmax().

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data-races in procdou8vecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...

kernel: tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpthinlineartimeouts. While reading sysctltcpthinlineartimeouts, it can be changed concurrently. Thus, we need to add READONCE to its reader...

kernel: igmp: Fix data-races around sysctl_igmp_llm_reports.

In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctligmpllmreports. While reading sysctligmpllmreports, it can be changed concurrently. Thus, we need to add READONCE to its readers. This test can be packed into a helper, so such changes will be in...

kernel: udp: Fix a data-race around sysctl_udp_l3mdev_accept.

In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctludpl3mdevaccept. While reading sysctludpl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...

kernel: ip: Fix data-races around sysctl_ip_fwd_use_pmtu.

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipfwdusepmtu. While reading sysctlipfwdusepmtu, it can be changed concurrently. Thus, we need to add READONCE to its readers...

kernel: raw: Fix a data-race around sysctl_raw_l3mdev_accept.

A flaw was found in the RAW-IP module in the Linux kernel. A race condition can occur when reading the sysctlrawl3mdevaccept resource due to a missing lock, potentially impacting system stability and resulting in a denial of service...

kernel: ip: Fix data-races around sysctl_ip_fwd_update_priority.

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipfwdupdatepriority. While reading sysctlipfwdupdatepriority, it can be changed concurrently. Thus, we need to add READONCE to its readers...

kernel: tcp: Fix data-races around sysctl_tcp_mtu_probing.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpmtuprobing. While reading sysctltcpmtuprobing, it can be changed concurrently. Thus, we need to add READONCE to its readers...

kernel: sysctl: Fix data races in proc_douintvec().

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch change...

PT-2025-8508 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data-race issue exists around sysctl tcp thin linear timeouts in the Linux kernel. The value of sysctl tcp thin linear timeouts can be changed concurrently while it is being read,...