PT-2025-8264 · Linux+4 · Linux Kernel+4
Syzbot · Published 2022-05-27 · Updated 2025-04-16
CVE-2022-49330
CVSS v3.1: 5.5 Medium
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to the version that includes the fix for the issue described.
Description
A bug in the Linux kernel's TCP implementation could lead to potential zero-divides due to the `tcp_snd_cwnd` value being reduced after an MTU probe has started but before it succeeds. This issue was identified through a report from syzbot, which pointed to an old bug introduced in the initial support for MTU probing. The bug is related to the `tcp_mtu_probe` function and its checks for starting an MTU probe based on the `tcp_snd_cwnd` value. Debugging efforts, including the addition of accessors to read and set `tp->snd_cwnd`, have helped in addressing this issue. Additionally, potential overflows in the related code have been addressed.
Recommendations
For Linux kernel versions prior to the fixed version, consider applying the patch that fixes the `tcp_mtup_probe_success` function to prevent potential zero-divides and overflows. As a temporary workaround, consider restricting the use of MTU probing in TCP connections until a patched version of the kernel is available.
Exploit
Fix
Divide By Zero
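An added illustration, not code from the kernel or from this advisory: a user-space C model of the congestion-window rescaling performed when an MTU probe succeeds, showing how a window reduced after the probe started can come out as zero and how a 32-bit product can wrap, next to a guarded version. The formula `cwnd * mtu / probe_size`, the function names and the sample values are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Unguarded shape (assumed model): 32-bit product, no lower bound.
 * A small cwnd with mtu < probe_size truncates to 0, and a large
 * cwnd makes cwnd * mtu wrap modulo 2^32. */
static uint32_t cwnd_after_probe_unsafe(uint32_t cwnd, uint32_t mtu,
                                        uint32_t probe_size)
{
    return cwnd * mtu / probe_size;
}

/* Guarded shape: 64-bit intermediate, result clamped to [1, UINT32_MAX],
 * so code that later divides by the window never sees 0. */
static uint32_t cwnd_after_probe_safe(uint32_t cwnd, uint32_t mtu,
                                      uint32_t probe_size)
{
    uint64_t val;

    if (probe_size == 0)            /* defensive: nothing to rescale */
        return cwnd ? cwnd : 1;
    val = (uint64_t)cwnd * mtu / probe_size;
    if (val < 1)
        val = 1;
    if (val > UINT32_MAX)
        val = UINT32_MAX;
    return (uint32_t)val;
}

int main(void)
{
    /* Constructed inputs: old path MTU 1500, probed size 3000. */
    const uint32_t mtu = 1500, probe = 3000;
    /* Case 1: window was large when the probe started, 1 by the time it succeeds. */
    printf("cwnd=1       unsafe=%u safe=%u\n",
           cwnd_after_probe_unsafe(1, mtu, probe),
           cwnd_after_probe_safe(1, mtu, probe));
    /* Case 2: very large window, the 32-bit product wraps. */
    printf("cwnd=3000000 unsafe=%u safe=%u\n",
           cwnd_after_probe_unsafe(3000000u, mtu, probe),
           cwnd_after_probe_safe(3000000u, mtu, probe));
    return 0;
}
```

A result of 0 from the unguarded form is the state that feeds the later zero-divides. The guarded form keeps the window at 1 or above and computes the large case without wrapping.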
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Centos
Linux Kernel
Red Hat
Suse