#VU104846 Race condition within a thread in Linux kernel - CVE-2022-49578
Vulnerability identifier: #VU104846
Vulnerability risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-366
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the ipv4_local_port_range() and ipv4_privileged_ports() functions in net/ipv4/sysctl_net_ipv4.c. A local user can corrupt data.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: 5.18, 5.18 rc1, 5.18 rc2, 5.18 rc3, 5.18 rc5, 5.18 rc6, 5.18 rc7, 5.18 rc8, 5.18.1, 5.18.2, 5.18.3, 5.18.4, 5.18.5, 5.18.6, 5.18.7, 5.18.8, 5.18.9, 5.18.10, 5.18.11, 5.18.12, 5.18.13, 5.18.14
External links
https://git.kernel.org/stable/c/95724fe897a4ecf2be51452ef96e818568071664
https://git.kernel.org/stable/c/9add240f76af6d141d2eebd3a1558a0e503a993d
https://git.kernel.org/stable/c/9b55c20f83369dd54541d9ddbe3a018a8377f451
https://git.kernel.org/stable/c/ef699813d99cc29e6e25c9f6da7766526cc8bd6e
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.15
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
