Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning as of commit 4608fdfc07e1 ("netfilter: conntrack: collect all entries in one cycle") conntrack gc was changed to run every 2 minutes. On systems where conntrack hash table is set to large value, most evictions happen from gc worker rather than the packet path due to hash table distribution. This causes netlink event overflows when events are collected. This change collects average expiry of scanned entries and reschedules to the average remaining value, within 1 to 60 second interval. To avoid event overflows, reschedule after each bucket and add a limit for both run time and number of evictions per run. If more entries have to be evicted, reschedule and restart 1 jiffy into the future.

INFO

Published Date :

2025-02-26T01:54:55.998Z

Last Modified :

2025-12-23T13:21:57.815Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49110 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49110.

URL Resource
https://git.kernel.org/stable/c/2cfadb761d3d0219412fd8150faea60c7e863833 cve-icon cve-icon
https://git.kernel.org/stable/c/58d52743ae85d28c9335c6034d6ce350b8689951 cve-icon cve-icon
https://git.kernel.org/stable/c/592e57591826f3d09c28d755a39ea8e9d13705ad cve-icon cve-icon
https://git.kernel.org/stable/c/7cd361d5e6d986c0d4cafb9ceaa803359048ae15 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2022-49110-5519@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49110 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49110 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact