Description

In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 ("sock: Introduce sk->sk_prot->psock_update_sk_prot()") has moved the inet_csk_has_ulp(sk) check from sk_psock_init() to the new tcp_bpf_update_proto() function. I'm guessing that this was done to allow creating psocks for non-inet sockets. Unfortunately the destruction path for psock includes the ULP unwind, so we need to fail the sk_psock_init() itself. Otherwise if ULP is already present we'll notice that later, and call tcp_update_ulp() with the sk_proto of the ULP itself, which will most likely result in the ULP looping its callbacks.

INFO

Published Date :

2025-02-26T14:57:24.827Z

Last Modified :

2025-05-04T08:44:16.828Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49732 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49732.

URL Resource
https://git.kernel.org/stable/c/72fa0f65b56605b8a9ae9fba2082f2123f7fe017 cve-icon cve-icon
https://git.kernel.org/stable/c/922309e50befb0cfa5cb65e4989b7706d6578846 cve-icon cve-icon
https://git.kernel.org/stable/c/e34a07c0ae3906f97eb18df50902e2a01c1015b6 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022619-CVE-2022-49732-fc0d@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49732 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49732 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact