Race condition within a thread in Linux kernel ipv4



Updated: 2025-05-11
Risk: Low
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2022-49637
CWE-ID: CWE-366
Exploitation vector: Local
Public exploit: N/A
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Race condition within a thread

EUVDB-ID: #VU104833

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49637

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to a data race within the tnode_free() function in net/ipv4/fib_trie.c.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

Linux kernel: 5.15 - 5.15.55

External links

https://git.kernel.org/stable/c/190cd4ff128373271e065afb20f1d2247b3f10c3
https://git.kernel.org/stable/c/418b191d5f223a8cb6cab09eae1f72c04ba6adf2
https://git.kernel.org/stable/c/73318c4b7dbd0e781aaababff17376b2894745c0
https://git.kernel.org/stable/c/7c1acd98fb221dc0d847451b9ab86319f8b9916c
https://git.kernel.org/stable/c/9be8aac91960ea32fd0e874758c9afee665c57d2
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.56


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


