PT-2025-8077 · Linux+1 · Linux Kernel+1
Marc Dionne
·
Published
2022-03-30
·
Updated
2025-03-03
·
CVE-2022-49149
CVSS v3.1
4.7
Medium
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A issue in the Linux kernel has been resolved, related to the rxrpc call struct timer. The timer can be started from packet input routines running in softirq mode with only the RCU read lock held, allowing the call to be destroyed at the same time a packet is processed, causing the timer to be restarted after being stopped. This can lead to an oops if the timer is deallocated first. The issue is fixed by taking a ref on the rxrpc call struct and passing it to the timer, which is then passed to the call's work item when queued.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel