CVE-2022-49344

Severity: Medium
CVSS 3.1: 4.7
EPSS: 8.0%
Published: Feb 26, 2025
Last Modified: Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix a data-race in unix_dgram_peer_wake_me(). unix_dgram_poll() calls unix_dgram_peer_wake_me() without `other`'s lock held and checks whether its receive queue is full. Here we need to use unix_recvq_full_lockless() instead of unix_recvq_full(); otherwise KCSAN will report a data-race.

CVSS Details

Base Score: 4.7
Exploitability: 1.0
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 8.0% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Weaknesses 1

CWE-362

Affected Products 15

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥3.2.75 – <3.3
linux   linux_kernel  *        ≥3.4.111 – <3.5
linux   linux_kernel  *        ≥3.10.95 – <3.11
linux   linux_kernel  *        ≥3.12.52 – <3.13
linux   linux_kernel  *        ≥3.14.59 – <3.15
linux   linux_kernel  *        ≥3.18.26 – <3.19
linux   linux_kernel  *        ≥4.1.15 – <4.2
linux   linux_kernel  *        ≥4.2.8 – <4.3
linux   linux_kernel  *        ≥4.3.3 – <4.19.247
linux   linux_kernel  *        ≥4.20 – <5.4.198
linux   linux_kernel  *        ≥5.5 – <5.10.122
linux   linux_kernel  *        ≥5.11 – <5.15.47
linux   linux_kernel  *        ≥5.16 – <5.17.15
linux   linux_kernel  *        ≥5.18 – <5.18.4
linux   linux_kernel  5.19     any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/556720013c36c193d9cbfb06e7b33e51f0c39fbf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/662a80946ce13633ae90a55379f1346c10f0c432
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/71e8bfc7f838cabc60cba24e09ca84c4f8321ab2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8801eb3ccd2e4e3b1a01449383e3321ae6dbd9d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/95f0ba806277733bf6024e23e27e1be773701cca
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c61848500a3fd6867dfa4834b8c7f97133eceb9f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c926ae58f24f7bd55aa2ea4add9f952032507913
    Patch

Remediation

  • The seven git.kernel.org stable-tree commits listed under References, each marked Patch.