PT-2022-7127 · Linux+8 · Linux Kernel+8

Eric Dumazet

+1

·

Published

2022-10-06

·

Updated

2026-03-14

·

CVE-2022-3566

CVSS v3.1

7.1

High

VectorAV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description A vulnerability in the Linux Kernel is related to synchronization errors when using a shared resource in the tcp getsockopt and tcp setsockopt functions of the TCP Handler component. This issue can lead to a race condition, potentially allowing a remote attacker to impact the confidentiality, integrity, or availability of information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALSA-2023:2148
ALSA-2023:2458
ALSA-2023:2736
ALSA-2023:2951
BDU:2023-07690
CESA-2023_2736
CESA-2023_2951
CVE-2022-3566
OESA-2022-2025
OESA-2022-2026
OESA-2022-2033
OPENSUSE-SU-2022_4504-1
OPENSUSE-SU-2022_4585-1
OPENSUSE-SU-2022_4617-1
RHSA-2023:2148
RHSA-2023:2458
RHSA-2023:2736
RHSA-2023:2951
RHSA-2023_2148
RHSA-2023_2458
RHSA-2023_2736
RHSA-2023_2951
RHSA-2024:0724
SUSE-SU-2022:4504-1
SUSE-SU-2022:4585-1
SUSE-SU-2022:4617-1
SUSE-SU-2023:0416-1
SUSE-SU-2023:2501-1
SUSE-SU-2023:2502-1
SUSE-SU-2023:2507-1
SUSE-SU-2023:2534-1
SUSE-SU-2023:2537-1
SUSE-SU-2023:2538-1
SUSE-SU-2023:2611-1
SUSE-SU-2023:2651-1
SUSE-SU-2023:2805-1
SUSE-SU-2023_2501-1
SUSE-SU-2023_2507-1
SUSE-SU-2023_2534-1
SUSE-SU-2023_2537-1
SUSE-SU-2023_2538-1
USN-5754-1
USN-5754-2
USN-5755-1
USN-5755-2
USN-5756-1
USN-5756-2
USN-5756-3
USN-5757-1
USN-5757-2
USN-5758-1
USN-5773-1
USN-5774-1
USN-5779-1
USN-5789-1

Affected Products

Almalinux
Astra Linux
Centos
Debian
Linux Kernel
Linuxmint
Red Hat
Suse
Ubuntu