PT-2025-8038 · Linux+3 · Linux Kernel+3

Karel Rericha

Published

2022-01-01

Updated

2026-03-14

CVE-2022-49110

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel's netfilter conntrack module has been resolved. The issue caused netlink event overflows when events were collected due to the conntrack hash table distribution. This occurred when the hash table was set to a large value, resulting in most evictions happening from the gc worker rather than the packet path. The problem was addressed by changing the conntrack gc to run every 2 minutes and collecting the average expiry of scanned entries to reschedule the gc worker. To prevent event overflows, the gc worker now reschedules after each bucket and has limits for both run time and number of evictions per run.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

BDU:2026-01255

CVE-2022-49110

OPENSUSE-SU-2025_01620-1

OPENSUSE-SU-2025_01640-1

SUSE-SU-2025:01620-1

SUSE-SU-2025:01640-1

SUSE-SU-2025:01918-1

SUSE-SU-2025:01982-1

SUSE-SU-2025:01995-1

SUSE-SU-2025:02262-1

SUSE-SU-2025_01620-1

SUSE-SU-2025_01982-1

SUSE-SU-2025_02262-1

Affected Products

Astra Linux

Debian

Linux Kernel

Suse

PT-2025-8038 · Linux+3 · Linux Kernel+3

CVE-2022-49110

Weakness Enumeration

Related Identifiers

Affected Products

References · 544