CVE-2022-49593

tcp: Fix a data-race around sysctl_tcp_probe_interval.

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctl_tcp_probe_interval. While reading sysctl_tcp_probe_interval, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader.

Category

4.7
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/80dabd089086e6553b7acfcff2ec223bdada87a1 patch
https://git.kernel.org/stable/c/b3798d3519eda9c409bb0815b0102f27ec42468d patch
https://git.kernel.org/stable/c/73a11588751a2c13f25d9da8117efc9a79b1843f patch
https://git.kernel.org/stable/c/c61aede097d350d890fa1edc9521b0072e14a0b8 patch
https://git.kernel.org/stable/c/e6b6f027e2854a51f345a5e3e808d7a88001d4f8 patch
https://git.kernel.org/stable/c/b14cc8afbbcbc6dce4797913c0b85266b897f541 patch
https://git.kernel.org/stable/c/2a85388f1d94a9f8b5a529118a2c5eaa0520d85c patch

Frequently Asked Questions

What is the severity of CVE-2022-49593?
CVE-2022-49593 has been scored as a medium severity vulnerability.
How to fix CVE-2022-49593?
To fix CVE-2022-49593, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49593 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49593 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49593?
CVE-2022-49593 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.