| From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001 |
| From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| To: <linux-cve-announce@vger.kernel.org> |
| Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> |
| Subject: CVE-2022-49596: tcp: Fix data-races around sysctl_tcp_min_snd_mss. |
| |
| Description |
| =========== |
| |
| In the Linux kernel, the following vulnerability has been resolved: |
| |
| tcp: Fix data-races around sysctl_tcp_min_snd_mss. |
| |
| While reading sysctl_tcp_min_snd_mss, it can be changed concurrently. |
| Thus, we need to add READ_ONCE() to its readers. |
| |
| The Linux kernel CVE team has assigned CVE-2022-49596 to this issue. |
| |
| |
| Affected and fixed versions |
| =========================== |
| |
| Issue introduced in 5.2 with commit 5f3e2bf008c2221478101ee72f5cb4654b9fc363 and fixed in 5.4.208 with commit fdb96b69f5909ffcdd6f1e0902219fc6d7689ff7 |
| Issue introduced in 5.2 with commit 5f3e2bf008c2221478101ee72f5cb4654b9fc363 and fixed in 5.10.134 with commit 97992e8feff33b3ae154a113ec398546bbacda80 |
| Issue introduced in 5.2 with commit 5f3e2bf008c2221478101ee72f5cb4654b9fc363 and fixed in 5.15.58 with commit 0fc9357282df055e30990b29f4b7afa53ab42cdb |
| Issue introduced in 5.2 with commit 5f3e2bf008c2221478101ee72f5cb4654b9fc363 and fixed in 5.18.15 with commit 0d8a39feb58910a7f7746b1770ee5578cc551fe6 |
| Issue introduced in 5.2 with commit 5f3e2bf008c2221478101ee72f5cb4654b9fc363 and fixed in 5.19 with commit 78eb166cdefcc3221c8c7c1e2d514e91a2eb5014 |
| Issue introduced in 3.16.69 with commit 6b7e7997ad3505db7de85ff12276fc84659481d3 |
| Issue introduced in 4.4.182 with commit e757d052f3b8ce739d068a1e890643376c16b7a9 |
| Issue introduced in 4.9.182 with commit 8e39cbc03dafa3731d22533f869bf326c0e6e6f8 |
| Issue introduced in 4.14.127 with commit cd6f35b8421ff20365ff711c0ac7647fd70e9af7 |
| Issue introduced in 4.19.52 with commit 7f9f8a37e563c67b24ccd57da1d541a95538e8d9 |
| Issue introduced in 5.1.11 with commit 2efabe3e1491f10bf3cf82ae1a371755ba054a1b |
| |
| Please see https://www.kernel.org for a full list of currently supported |
| kernel versions by the kernel community. |
| |
| Unaffected versions might change over time as fixes are backported to |
| older supported kernel versions. The official CVE entry at |
| https://cve.org/CVERecord/?id=CVE-2022-49596 |
| will be updated if fixes are backported, please check that for the most |
| up to date information about this issue. |
| |
| |
| Affected files |
| ============== |
| |
| The file(s) affected by this issue are: |
| net/ipv4/tcp_output.c |
| net/ipv4/tcp_timer.c |
| |
| |
| Mitigation |
| ========== |
| |
| The Linux kernel CVE team recommends that you update to the latest |
| stable kernel version for this, and many other bugfixes. Individual |
| changes are never tested alone, but rather are part of a larger kernel |
| release. Cherry-picking individual commits is not recommended or |
| supported by the Linux kernel community at all. If however, updating to |
| the latest release is impossible, the individual changes to resolve this |
| issue can be found at these commits: |
| https://git.kernel.org/stable/c/fdb96b69f5909ffcdd6f1e0902219fc6d7689ff7 |
| https://git.kernel.org/stable/c/97992e8feff33b3ae154a113ec398546bbacda80 |
| https://git.kernel.org/stable/c/0fc9357282df055e30990b29f4b7afa53ab42cdb |
| https://git.kernel.org/stable/c/0d8a39feb58910a7f7746b1770ee5578cc551fe6 |
| https://git.kernel.org/stable/c/78eb166cdefcc3221c8c7c1e2d514e91a2eb5014 |
