CVE-2022-49572

high

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. While reading sysctl_tcp_slow_start_after_idle, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers.

References

https://git.kernel.org/stable/c/68b6f9506747d507c7bfa374d178929b4157e8c6

https://git.kernel.org/stable/c/4845b5713ab18a1bb6e31d1fbb4d600240b8b691

https://git.kernel.org/stable/c/41aeba4506f6b70ec7500c6fe202731a4ba29fe5

https://git.kernel.org/stable/c/3b26e11b07a09b31247688bec61e2925d4a571b6

https://git.kernel.org/stable/c/369d99c2b89f54473adcf9acdf40ea562b5a6e0e

https://git.kernel.org/stable/c/0e3f82a03ec8c3808e87283e12946227415706c9

Details

Source: Mitre, NVD

Published: 2025-02-26

Updated: 2025-02-26

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High