CVE-2022-49775

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0

Description A double-free vulnerability has been identified in the Linux kernel, specifically in the tcp cdg release() function. This issue can be triggered when mptcp calls tcp disconnect() on an already disconnected flow, and the current congestion control is set to CDG. The vulnerability can cause a double-free error, leading to a potential crash or code execution. The issue is generally fine unless the current congestion control is CDG.

Recommendations To resolve this issue, make tcp disconnect() more resilient to prevent double-free errors. As a temporary workaround, consider disabling the tcp cdg release() function until a patch is available. Restrict access to the vulnerable tcp cdg module to minimize the risk of exploitation. Avoid using the CDG congestion control algorithm in the affected API endpoints until the issue is resolved.

Note: At the moment, there is no information about a newer version that contains a fix for this vulnerability.