CVE-2022-49877

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49877
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49877.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49877
Related
Published
2025-05-01T15:16:12Z
Modified
2025-05-02T14:45:34.636721Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues

When running test_sockmap selftests, the following warning appears:

WARNING: CPU: 2 PID: 197 at net/core/stream.c:205 sk_stream_kill_queues+0xd3/0xf0
Call Trace:
<TASK>
inet_csk_destroy_sock+0x55/0x110
tcp_rcv_state_process+0xd28/0x1380
? tcp_v4_do_rcv+0x77/0x2c0
tcp_v4_do_rcv+0x77/0x2c0
__release_sock+0x106/0x130
__tcp_close+0x1a7/0x4e0
tcp_close+0x20/0x70
inet_release+0x3c/0x80
__sock_release+0x3a/0xb0
sock_close+0x14/0x20
__fput+0xa3/0x260
task_work_run+0x59/0xb0
exit_to_user_mode_prepare+0x1b3/0x1c0
syscall_exit_to_user_mode+0x19/0x50
do_syscall_64+0x48/0x90
entry_SYSCALL_64_after_hwframe+0x44/0xae

The root cause is in commit 84472b436e76 ("bpf, sockmap: Fix more uncharged while msg has more_data"), where I used msg->sg.size to replace the tosend, causing breakage:

if (msg->apply_bytes && msg->apply_bytes < tosend)
    tosend = psock->apply_bytes;

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.10.158-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1
5.10.148-1
5.10.149-1
5.10.149-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.0.10-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.0.10-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}