CVE-2022-1678

Name of the Vulnerable Software and Affected Versions Linux Kernel versions 4.18 through 4.19

Description An issue in the Linux Kernel can lead to memory/netns leak due to an improper update of sock reference in TCP pacing. This can be exploited by remote clients, potentially causing a denial of service. The issue is related to errors in memory usage after release in the TCP Pace Handler component, specifically in the tcp internal pacing function in the net/ipv4/tcp output.c file.

Recommendations For Linux Kernel versions 4.18 through 4.19, consider disabling the tcp internal pacing function as a temporary workaround to minimize the risk of exploitation. Restrict access to the TCP Pace Handler component to reduce the likelihood of remote clients causing a denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.