CVE-2022-49698

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49698

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49698.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-49698

Downstream

DEBIAN-CVE-2022-49698

RHSA-2022:7683

RHSA-2022:8267

UBUNTU-CVE-2022-49698

Published

2025-02-26T07:01:44Z

Modified

2025-08-09T19:01:26Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: use getrandomu32 instead of prandom

bh might occur while updating per-cpu rndstate from user context, ie. localout path.

BUG: using smpprocessorid() in preemptible [00000000] code: nginx/2725 caller is nftngrandomeval+0x24/0x54 [nftnumgen] Call Trace: checkpreemptiondisabled+0xde/0xe0 nftngrandomeval+0x24/0x54 [nftnumgen]

Use the random driver instead, this also avoids need for local prandom state. Moreover, prandom now uses the random driver since d4150779e60f ("random32: use real rng for non-deterministic randomness").

Based on earlier patch from Pablo Neira.

References

Affected packages