CVE-2022-49639

In the Linux kernel, the following vulnerability has been resolved:

cipso: Fix data-races around sysctl.

While reading cipso sysctl variables, they can be changed concurrently.
So, we need to add READ_ONCE() to avoid data-races.
Race Condition
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.7 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
VendorProductVersion
linuxlinux_kernel
2.6.19 ≤
𝑥
< 4.9.324
linuxlinux_kernel
4.10 ≤
𝑥
< 4.14.289
linuxlinux_kernel
4.15 ≤
𝑥
< 4.19.253
linuxlinux_kernel
4.20 ≤
𝑥
< 5.4.207
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.132
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.56
linuxlinux_kernel
5.16 ≤
𝑥
< 5.18.13
linuxlinux_kernel
5.19:rc1
linuxlinux_kernel
5.19:rc2
linuxlinux_kernel
5.19:rc3
linuxlinux_kernel
5.19:rc4
linuxlinux_kernel
5.19:rc5
linuxlinux_kernel
5.19:rc6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/07b0caf8aeb9b82e6ecc6c292a3e47c7fcdb1148
https://git.kernel.org/stable/c/0e41a0f73ccb9be112a80bde3804a771633caaef
https://git.kernel.org/stable/c/2764f82bbc158d106693ae3ced3675cf4b963b35
https://git.kernel.org/stable/c/59e26906b89cc35bb54476498772b45cbc32323f
https://git.kernel.org/stable/c/c321e99d2725d11f7e6a4ebd9ce752259f0bae81
https://git.kernel.org/stable/c/ca26ca5e2f3eeb3e6fe699cd6effa3b4b2aa8698
https://git.kernel.org/stable/c/dd44f04b9214adb68ef5684ae87a81ba03632250
https://git.kernel.org/stable/c/fe2a35fa2c4f9c8ce5ef970eb927031387f9446a