CVE-2022-49590

4.7 MEDIUM

📋 TL;DR

This CVE addresses a race condition vulnerability in the Linux kernel's IGMP (Internet Group Management Protocol) implementation. When reading the sysctl_igmp_llm_reports variable, concurrent modifications could lead to inconsistent data reads, potentially causing incorrect IGMP report handling. This affects Linux systems with IGMP functionality enabled.
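The inconsistent read described above, as an added userspace model in C (not the kernel's code and not taken from the fix commits). It makes the race deterministic by calling a hypothetical writer hook between two loads, and contrasts that with a single marked read in the style of the kernel's READ_ONCE(). Every name except sysctl_igmp_llm_reports is an assumption made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-in for the kernel's READ_ONCE(): one volatile load that
 * the compiler may not split, repeat or merge with other loads. */
#define READ_ONCE(x) (*(const volatile __typeof__(x) *)&(x))

struct netns_model { int sysctl_igmp_llm_reports; };  /* field name from the advisory */
struct decision { int send_report; int value_logged; };
typedef void (*writer_fn)(struct netns_model *);

/* Hypothetical stand-in for a concurrent sysctl write; the single-threaded
 * model calls it between two loads so the outcome is reproducible. */
void writer_sets_zero(struct netns_model *net) { net->sysctl_igmp_llm_reports = 0; }

/* 224.0.0.0/24 (link-local multicast), address in host byte order. */
static int is_local_multicast(uint32_t a) { return (a & 0xffffff00u) == 0xe0000000u; }

/* Plain accesses: the field is loaded twice, so a write landing between
 * the loads makes the two uses disagree. */
struct decision decide_plain(struct netns_model *net, uint32_t group, writer_fn racer)
{
    struct decision d;
    d.send_report = !is_local_multicast(group) || net->sysctl_igmp_llm_reports;
    if (racer) racer(net);
    d.value_logged = net->sysctl_igmp_llm_reports;  /* second load */
    return d;
}

/* Marked access: one snapshot, and every later use sees the same value. */
struct decision decide_snapshot(struct netns_model *net, uint32_t group, writer_fn racer)
{
    int llm = READ_ONCE(net->sysctl_igmp_llm_reports);
    struct decision d;
    d.send_report = !is_local_multicast(group) || llm;
    if (racer) racer(net);
    d.value_logged = llm;
    return d;
}

int main(void)
{
    struct netns_model a = { 1 }, b = { 1 };
    struct decision p = decide_plain(&a, 0xe0000001u, writer_sets_zero);
    struct decision s = decide_snapshot(&b, 0xe0000001u, writer_sets_zero);
    printf("plain:    send=%d logged=%d\n", p.send_report, p.value_logged);
    printf("snapshot: send=%d logged=%d\n", s.send_report, s.value_logged);
    return 0;
}
```

In the plain variant the decision and the recorded value come from different states of the setting; the snapshot variant keeps them consistent.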

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Specific affected kernel versions not explicitly stated in CVE, but patches are available in stable kernel trees
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires IGMP functionality to be enabled and used. Most Linux systems have IGMP enabled by default for multicast networking.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could potentially manipulate IGMP report timing to cause denial of service, network instability, or disrupt multicast communication on affected systems.

🟠

Likely Case

Most likely impact is inconsistent IGMP behavior, potentially causing temporary multicast communication issues or minor network instability.

🟢

If Mitigated

With proper kernel patches applied, the race condition is eliminated, preventing any data inconsistency issues.

🌐 Internet-Facing: LOW - This vulnerability requires local access or network position to exploit, and impact is limited to multicast functionality.
🏢 Internal Only: MEDIUM - Internal attackers with network access could potentially disrupt multicast services on affected systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Requires precise timing and network access to trigger race condition

This is a race condition vulnerability requiring specific timing to exploit. No public exploits have been reported.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits: 1656ecaddf90e2a070ec2d2404cdae3edf80faca, 260446eb8e5541402b271343a4516f2b33dec1e4, 46307adceb67bdf2ec38408dd9cebc378a6b5c46, 473aad9ad57ff760005377e6f45a2ad4210e08ce, a84b4afaca2573ed3aed1f8854aefe3ca5a82e72)

Vendor Advisory: https://git.kernel.org/stable/c/1656ecaddf90e2a070ec2d2404cdae3edf80faca

Restart Required: Yes

Instructions:

1. Update to the latest stable kernel version containing the fix.
2. Check your distribution's security advisories for specific patched kernel packages.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Disable IGMP functionality

linux

Disable IGMP multicast support if not required

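# The kernel variable sysctl_igmp_llm_reports is exposed to userspace as
# net.ipv4.igmp_link_local_mcast_reports. Either command sets it; run one.
echo 0 > /proc/sys/net/ipv4/igmp_link_local_mcast_reports
sysctl -w net.ipv4.igmp_link_local_mcast_reports=0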

🧯 If You Can't Patch

  • Implement network segmentation to limit multicast traffic to trusted networks
  • Monitor system logs for unusual IGMP activity or network instability

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare against patched versions from your distribution. Vulnerable if using unpatched kernel with IGMP enabled.

Check Version:

uname -r

Verify Fix Applied:

Verify that the kernel version includes the fix commits, or check with 'sysctl net.ipv4.igmp_link_local_mcast_reports' (the userspace name of sysctl_igmp_llm_reports) to ensure proper handling.

📡 Detection & Monitoring

Log Indicators:

  • Kernel logs showing IGMP errors or race condition warnings
  • Network instability logs related to multicast

Network Indicators:

  • Unusual IGMP packet patterns
  • Multicast communication failures

SIEM Query:

source="kernel" AND ("IGMP" OR "multicast") AND ("error" OR "warning" OR "race")
