CVE-2022-49561

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49561
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49561.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49561
Downstream
Related
Published
2025-02-26T02:14:06.030Z
Modified
2026-03-12T03:25:24.040003Z
Summary
netfilter: conntrack: re-fetch conntrack after insertion
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: conntrack: re-fetch conntrack after insertion

In case the conntrack is clashing, insertion can free skb->_nfct and set skb->_nfct to the already-confirmed entry.

This wasn't found before because the conntrack entry and the extension space used to free'd after an rcu grace period, plus the race needs events enabled to trigger.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49561.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
71d8c47fc653711c41bc3282e5b0e605b3727956
Fixed
e97222b785e70e8973281666d709baad6523d8af
Fixed
92a999d1963eed0df666284e20055136ceabd12f
Fixed
b16bb373988da3ceb0308381634117e18b6ec60d
Fixed
91a36ec160ec1a0c8f5352b772dffcbb0b6023e3
Fixed
01989d7eebb61c99bd4b88ebc8e261bd2f02caed
Fixed
04f9e9104c969d8ce10a4a43634f641ed082092d
Fixed
04e4a11dc723c52db7a36dc58f0d69ce6426f8f0
Fixed
56b14ecec97f39118bf85c9ac2438c5a949509ed

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49561.json"