CVE-2022-49595
📋 TL;DR
This CVE describes a race condition vulnerability in the Linux kernel's TCP implementation where the sysctl_tcp_probe_threshold variable can be read while being modified concurrently, potentially causing inconsistent behavior. It affects Linux systems with vulnerable kernel versions. The vulnerability requires local access to exploit.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
System instability, kernel panic, or denial of service due to inconsistent TCP probe threshold values leading to network performance degradation.
Likely Case
Minor system instability or performance issues in TCP networking under specific race conditions.
If Mitigated
Minimal impact with proper kernel patching and standard security controls.
🎯 Exploit Status
Race conditions are difficult to exploit reliably and require local system access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits: 44768749980d53bc01980d9c060f736808d11af0, 92c0aa4175474483d6cf373314343d4e624e882a, 96900fa61777402eb5056269d8000aace33a8b6c, 9b5dc7ad6da1373d3c60d4b869d688f996e5d219, b04817c94fbd285a967d9b830b274fe9998c9c0b
Vendor Advisory: https://git.kernel.org/stable/c/44768749980d53bc01980d9c060f736808d11af0
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version.
2. Check distribution-specific security advisories.
3. Reboot system after kernel update.
🔧 Temporary Workarounds
Restrict local access
Limit local user access to systems to reduce attack surface.
🧯 If You Can't Patch
- Implement strict access controls to limit local user privileges
- Monitor system logs for unusual behavior or instability
🔍 How to Verify
Check if Vulnerable:
Check kernel version with 'uname -r' and compare with affected versions from git commits
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version after update and ensure it includes the fix commits
📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- System instability reports
- TCP performance degradation
Network Indicators:
- Unusual TCP connection behavior
SIEM Query:
Search for kernel panic events or system instability reports in system logs
🔗 References
- https://git.kernel.org/stable/c/44768749980d53bc01980d9c060f736808d11af0
- https://git.kernel.org/stable/c/92c0aa4175474483d6cf373314343d4e624e882a
- https://git.kernel.org/stable/c/96900fa61777402eb5056269d8000aace33a8b6c
- https://git.kernel.org/stable/c/9b5dc7ad6da1373d3c60d4b869d688f996e5d219
- https://git.kernel.org/stable/c/b04817c94fbd285a967d9b830b274fe9998c9c0b
- https://git.kernel.org/stable/c/d452ce36f2d4c402fa3f5275c9677f80166e7fc6
- https://git.kernel.org/stable/c/f524c3e7f6cdad66b3b6a912cef47b656f8b0de3
- https://git.kernel.org/stable/c/fa5fb2cf9393db898772db8cb897ed5fd265eb78