Race condition within a thread in Linux kernel ipv4

1) Race condition within a thread

EUVDB-ID: #VU104849

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49585

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to a data race within the tcp_fastopen_active_disable() function in net/ipv4/tcp_fastopen.c. A local user can corrupt data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.15 - 5.15.57

CPE2.3

• cpe:2.3:o:linux_foundation:linux_kernel:5.15:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc1:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc2:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc3:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc4:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc5:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc6:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc7:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15.0:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15.1:*:*:*:*:*:*:*

External links

https://git.kernel.org/stable/c/021266ec640c7a4527e6cd4b7349a512b351de1d
https://git.kernel.org/stable/c/0dc2f19d8c2636cebda7976b5ea40c6d69f0d891
https://git.kernel.org/stable/c/8afa5604e295046c02b79ccf9e2bbbf8d969d60e
https://git.kernel.org/stable/c/a77a75a0e7f397550ab039f96115103e78dd5c69
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.58

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.