CVE-2022-49325

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49325
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49325.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49325
Downstream
Related
Published
2025-02-26T02:10:48.158Z
Modified
2026-04-11T12:43:52.723475Z
Summary
tcp: add accessors to read/set tp->snd_cwnd
Details

In the Linux kernel, the following vulnerability has been resolved:

tcp: add accessors to read/set tp->snd_cwnd

We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero.

Lately, syzbot reported the WARNONONCE(!tp->priorcwnd) added in commit 8b8a321ff72c ("tcp: fix zero cwnd in tcpcwnd_reduction") can trigger, and without a repro we would have to spend considerable time finding the bug.

Instead of complaining too late, we want to catch where and when tp->snd_cwnd is set to an illegal value.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49325.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5d424d5a674f782d0659a3b66d951f412901faee
Fixed
3308676ec525901bf1656014003c443a60730a04
Fixed
5aba0ad44fb4a7fb78c5076c313456de199a3c29
Fixed
41e191fe72282e193a7744e2fc1786b23156c9e4
Fixed
40570375356c874b1578e05c1dcc3ff7c1322dbe

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49325.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.17
Fixed
5.15.47
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.17.15
Type
ECOSYSTEM
Events
Introduced
5.18.0
Fixed
5.18.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49325.json"