Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

CVE-2022-49604 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2022-49604

CVE-2022-49604

MEDIUM4.7

ip: Fix data-races around sysctl_ip_fwd_use_pmtu.

Published Feb 26, 2025

Modified 5 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

ip: Fix data-races around sysctl_ip_fwd_use_pmtu.

While reading sysctl_ip_fwd_use_pmtu, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers.

References

WEB

https://git.kernel.org/stable/c/60c158dc7b1f0558f6cadd5b50d0386da0000d50

WEB

https://git.kernel.org/stable/c/7828309df0f89419a9349761a37c7d1b0da45697

WEB

https://git.kernel.org/stable/c/93fbc06da1d819f3981a7bd7928c3641ea67b364

WEB

https://git.kernel.org/stable/c/b96ed5ccb09ae71103023ed13acefb194f609794

WEB

https://git.kernel.org/stable/c/e364b5f6ffbfc457a997ad09a7baa16c19581edc

WEB

https://git.kernel.org/stable/c/eb15262128b793e4b1d1c4514d3e6d19c3959764

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2022-49604

CVSS Analysis

CVSS v3.1

4.7

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

HighAC:H

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

4.7/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedFeb 26, 2025

ModifiedOct 1, 2025