CVE-2022-49325

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49325
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49325.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49325
Downstream
Related
Published
2025-02-26T02:10:48.158Z
Modified
2026-03-20T12:22:21.088782Z
Summary
tcp: add accessors to read/set tp->snd_cwnd
Details

In the Linux kernel, the following vulnerability has been resolved:

tcp: add accessors to read/set tp->snd_cwnd

We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero.

Lately, syzbot reported the WARNONONCE(!tp->priorcwnd) added in commit 8b8a321ff72c ("tcp: fix zero cwnd in tcpcwnd_reduction") can trigger, and without a repro we would have to spend considerable time finding the bug.

Instead of complaining too late, we want to catch where and when tp->snd_cwnd is set to an illegal value.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49325.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5d424d5a674f782d0659a3b66d951f412901faee
Fixed
3308676ec525901bf1656014003c443a60730a04
Fixed
5aba0ad44fb4a7fb78c5076c313456de199a3c29
Fixed
41e191fe72282e193a7744e2fc1786b23156c9e4
Fixed
40570375356c874b1578e05c1dcc3ff7c1322dbe

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49325.json"