PT-2025-8132 · Linux+3 · Linux Kernel+3

Wang Yufen · Published 2023-05-09 · Updated 2025-09-29 · CVE-2022-49204

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A vulnerability has been identified in the bpf and sockmap components of the Linux kernel. The issue arises when tcp_bpf_send_verdict() is called and the msg has more data after tcp_bpf_sendmsg_redir(). In that case msg->sg.size can be uncharged twice. The vulnerability can result in warnings such as WARNING: CPU: 0 PID: 9860 at net/core/stream.c:208 sk_stream_kill_queues+0xd4/0x1a0 and WARNING: CPU: 0 PID: 2136 at net/ipv4/af_inet.c:155 inet_sock_destruct+0x13c/0x260, and may cause issues with socket destruction and TCP closure.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

ALSA-2025_16880
CVE-2022-49204
RHSA-2023:2458
RHSA-2023_2458
SUSE-SU-2025:1176-1
SUSE-SU-2025:1241-1
SUSE-SU-2025:1293-1
SUSE-SU-2025_1241-1
SUSE-SU-2025_1293-1

Affected Products

Astra Linux
Linux Kernel
Red Hat
Suse