CVE-2022-50291Linux vulnerability

5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 15

Description

In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm->rx_psock kcm->rx_psock can be read locklessly in kcm_rfree(). Annotate the read and writes accordingly. We do the same for kcm->rx_wait in the following patch. syzbot reported: BUG: KCSAN: data-race in kcm_rfree / unreserve_rx_kcm write to 0xffff888123d827b8 of 8 bytes by task 2758 on cpu 1: unreserve_rx_kcm+0x72/0x1f0 net/kcm/kcmsock.c:313 kcm_rcv_strparser+0x2b5/0x3a0 net/kcm/kcmsock.c

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel4.64.9.332+7
Debianlinux/linux_kernel< 5.10.158-1+3
CVEListV5linux/linuxab7ac4eb9832e32a09f4e8042705484d2fb0aad313dba69e18d04c8eec7596369f2a0596b0260275+8
debiandebian/linux< linux 6.0.7-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2022-50291: In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm->rx_psock kcm->rx_psock can be read locklessly2025-09-15
GHSA
GHSA-mmh8-jm99-qhpc: In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm->rx_psock kcm->rx_psock can be read lockless2025-09-15

📋Vendor Advisories

2
Red Hat
kernel: kcm: annotate data-races around kcm->rx_psock2025-09-15
Debian
CVE-2022-50291: linux - In the Linux kernel, the following vulnerability has been resolved: kcm: annota...2022
CVE-2022-50291 — Linux vulnerability | cvebase