CVE-2022-49814

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition issue has been resolved in the Linux kernel related to KCM sockets. The sk->sk receive queue is protected by the skb queue lock, but for KCM sockets, the RX path takes mux->rx lock to protect more than just the skb queue. However, kcm recvmsg() still only grabs the skb queue lock, leading to potential race conditions. To address this, the code has been modified to enforce the skb queue lock in requeue rx msgs() and handle the skb peek case carefully in kcm wait data(). The skb recv datagram() function is used to handle this case, and the unnecessary sock lock in kcm recvmsg() and kcm splice read() has been removed.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the race condition in KCM sockets. At the moment, there is no information about a newer version that contains a fix for this vulnerability.