PT-2022-6279 · Linux+9 · Linux Kernel+9

William Zhao

·

Published

2022-09-23

·

Updated

2024-02-27

·

CVE-2022-4269

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration, such as redirecting egress packets to ingress using TC action "mirred", a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use, like TCP or SCTP, does a retransmission, resulting in a denial of service condition.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-833CWE-404

Related Identifiers

ALSA-2023:1469
ALSA-2023:1470
ALSA-2023:1566
ALSA-2023:1584
ALT-PU-2023-1235
BDU:2023-00718
CESA-2023_1566
CESA-2023_1584
CVE-2022-4269
DLA-3623-1
DSA-5480-1
MGASA-2023-0148
MGASA-2023-0149
OESA-2023-1187
OESA-2023-1197
OESA-2023-1210
OPENSUSE-SU-2023_2646-1
OPENSUSE-SU-2023_2871-1
RHSA-2023:1130
RHSA-2023:1202
RHSA-2023:1203
RHSA-2023:1220
RHSA-2023:1221
RHSA-2023:1469
RHSA-2023:1470
RHSA-2023:1566
RHSA-2023:1584
RHSA-2023_1469
RHSA-2023_1470
RHSA-2023_1566
RHSA-2023_1584
RLSA-2023:1469
RLSA-2023:1470
RLSA-2023:1566
RLSA-2023:1584
RXSA-2023:1566
SUSE-SU-2023:2500-1
SUSE-SU-2023:2502-1
SUSE-SU-2023:2611-1
SUSE-SU-2023:2646-1
SUSE-SU-2023:2651-1
SUSE-SU-2023:2653-1
SUSE-SU-2023:2782-1
SUSE-SU-2023:2809-1
SUSE-SU-2023:2871-1
USN-6033-1
USN-6171-1
USN-6175-1
USN-6186-1
USN-6187-1
USN-6284-1
USN-6300-1
USN-6301-1
USN-6311-1
USN-6312-1
USN-6314-1
USN-6331-1
USN-6332-1
USN-6337-1
USN-6347-1
USN-6385-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu