CVE-2022-48786

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.9.y

Description The issue is related to the vsock component of the Linux kernel, where a signal interrupting a connection can lead to the socket being added to the connected table multiple times, causing list corruption. This happens when the vsock connect() function expects the socket to be in the TCP ESTABLISHED state upon waking up with a pending signal. To prevent this, the vsock remove connected() function is called when a signal is received during a connection attempt. The vulnerability can be exploited to cause a denial of service.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the patch for the vsock component, which requires the patch d5afa82c977e ("vsock: correct removal of socket from the list") to be applied. This patch is included in all current stable trees except 4.9.y. As a temporary workaround, consider disabling the vsock connect() function until a patch is available.