Vulnerability in Linux Kernel Socket Implementation
CVE-2022-49732

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 February 2025

Summary

A vulnerability in the Linux kernel's socket implementation affects the creation and handling of prototypical sockets (psocks). The issue arises from a change that altered the protection check between psocks and upper layer protocols (ULPs). This flaw can lead to improper initialization under certain conditions, causing ULPs to enter an unintended looping state. The problem highlights the critical need for thorough validation during socket management to ensure stability and security within the kernel's networking stack.

Affected Version(s)

Linux 8a59f9d1e3d4340659fdfee8879dc09a6f2546e1 < 72fa0f65b56605b8a9ae9fba2082f2123f7fe017

Linux 8a59f9d1e3d4340659fdfee8879dc09a6f2546e1 < 922309e50befb0cfa5cb65e4989b7706d6578846

Linux 8a59f9d1e3d4340659fdfee8879dc09a6f2546e1

References

https://git.kernel.org/stable/c/72fa0f65b56605b8a9ae9fba2...

https://git.kernel.org/stable/c/922309e50befb0cfa5cb65e49...

https://git.kernel.org/stable/c/e34a07c0ae3906f97eb18df50...

Timeline

Vulnerability published
Feb 26, 2025
Vulnerability Reserved
Feb 26, 2025