{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49571", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T02:21:30.410Z", "datePublished": "2025-02-26T02:23:14.182Z", "dateUpdated": "2025-05-04T08:40:53.081Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:40:53.081Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix data-races around sysctl_tcp_max_reordering.\n\nWhile reading sysctl_tcp_max_reordering, it can be changed\nconcurrently. Thus, we need to add READ_ONCE() to its readers."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/tcp_input.c"], "versions": [{"version": "dca145ffaa8d39ea1904491ac81b92b7049372c0", "lessThan": "5e38cee24f19d19280c68f1ac8bf6790d607f60a", "status": "affected", "versionType": "git"}, {"version": "dca145ffaa8d39ea1904491ac81b92b7049372c0", "lessThan": "50a1d3d097503a90cf84ebe120afcde37e9c33b3", "status": "affected", "versionType": "git"}, {"version": "dca145ffaa8d39ea1904491ac81b92b7049372c0", "lessThan": "064852663308c801861bd54789d81421fa4c2928", "status": "affected", "versionType": "git"}, {"version": "dca145ffaa8d39ea1904491ac81b92b7049372c0", "lessThan": "ce3731c61589ed73364a5b55ce34131762ef9b60", "status": "affected", "versionType": "git"}, {"version": "dca145ffaa8d39ea1904491ac81b92b7049372c0", "lessThan": "46deb91ac8a790286ad6d24cf92e7ab0ab2582bb", "status": "affected", "versionType": "git"}, {"version": "dca145ffaa8d39ea1904491ac81b92b7049372c0", "lessThan": "a11e5b3e7a59fde1a90b0eaeaa82320495cf8cae", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/tcp_input.c"], "versions": [{"version": "3.19", "status": "affected"}, {"version": "0", "lessThan": "3.19", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.254", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.208", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.134", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.58", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.18.15", "lessThanOrEqual": "5.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "4.19.254"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "5.4.208"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "5.10.134"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "5.15.58"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "5.18.15"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "5.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/5e38cee24f19d19280c68f1ac8bf6790d607f60a"}, {"url": "https://git.kernel.org/stable/c/50a1d3d097503a90cf84ebe120afcde37e9c33b3"}, {"url": "https://git.kernel.org/stable/c/064852663308c801861bd54789d81421fa4c2928"}, {"url": "https://git.kernel.org/stable/c/ce3731c61589ed73364a5b55ce34131762ef9b60"}, {"url": "https://git.kernel.org/stable/c/46deb91ac8a790286ad6d24cf92e7ab0ab2582bb"}, {"url": "https://git.kernel.org/stable/c/a11e5b3e7a59fde1a90b0eaeaa82320495cf8cae"}], "title": "tcp: Fix data-races around sysctl_tcp_max_reordering.", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix data-races around sysctl_tcp_max_reordering.\n\nWhile reading sysctl_tcp_max_reordering, it can be changed\nconcurrently. Thus, we need to add READ_ONCE() to its readers."}], "id": "CVE-2022-49571", "lastModified": "2025-02-26T07:01:32.780", "metrics": {}, "published": "2025-02-26T07:01:32.780", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/064852663308c801861bd54789d81421fa4c2928"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/46deb91ac8a790286ad6d24cf92e7ab0ab2582bb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/50a1d3d097503a90cf84ebe120afcde37e9c33b3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5e38cee24f19d19280c68f1ac8bf6790d607f60a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a11e5b3e7a59fde1a90b0eaeaa82320495cf8cae"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ce3731c61589ed73364a5b55ce34131762ef9b60"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: tcp: Fix data-races around sysctl_tcp_max_reordering.", "id": "2347648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347648"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:L", "status": "draft"}, "cwe": "CWE-362", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ntcp: Fix data-races around sysctl_tcp_max_reordering.\nWhile reading sysctl_tcp_max_reordering, it can be changed\nconcurrently. Thus, we need to add READ_ONCE() to its readers."], "name": "CVE-2022-49571", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49571\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49571\nhttps://lore.kernel.org/linux-cve-announce/2025022606-CVE-2022-49571-74ee@gregkh/T"], "statement": "The bug is that during reading of the variable ipv4.sysctl_tcp_max_reordering potentially could read incorrect value if race happens (if simultaneously value of this variable being changed). Since corruption could happen only during reading and value of variable itself not corrupted and very complex or impossible to trigger the bug, the security impact is limited. Only root user or other privileged user can change value of this variable.", "threat_severity": "Low"}