Linux · Linux Kernel · CVE-2022-48785
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 5.15.19-cloudflare-2022.2.1
**Description**
The vulnerability is related to the `mld newpack()` function in the `net/ipv6/mcast.c` module of the Linux kernel's IPv6 implementation. It is caused by incorrect synchronization, which can lead to a denial of service. The issue arises from the use of an rcu-unsafe version of `ipv6 get lladdr()` after external locks were removed. This can result in a general protection fault and cause the machine to crash or stall.
**Recommendations**
To resolve the issue, update the Linux kernel to a version that includes the fix for the `ipv6: mcast: use rcu-safe version of ipv6 get lladdr()` vulnerability.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.