PT-2022-7362 · Linux+1 · Linux Kernel+1

Rohit Keshri · Published 2022-08-30 · Updated 2026-04-20 · CVE-2022-1247

CVSS v3.1: 7.0 (High)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

linux-kernel (affected versions not specified)

Description

The issue is related to a race condition in the rose_connect() function. It affects the rose driver, which utilizes rose_neigh->use to track the number of objects using rose_neigh. When attempting to delete a rose route via rose_ioctl(), the driver calls rose_del_node() and removes neighbors only if their count and use are zero. This vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information due to synchronization errors when using shared resources.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Race Condition

Weakness Enumeration

Related Identifiers

BDU:2024-04163
CVE-2022-1247
ECHO-C511-3DB7-1CC7

Affected Products

Debian
Linux Kernel