CVE-2022-49586

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49586
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49586.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49586
Downstream
Published
2025-02-26T02:23:21.568Z
Modified
2026-05-28T03:55:32.074583826Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
tcp: Fix data-races around sysctl_tcp_fastopen.
Details

In the Linux kernel, the following vulnerability has been resolved:

tcp: Fix data-races around sysctltcpfastopen.

While reading sysctltcpfastopen, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49586.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2100c8d2d9db23c0a09901a782bb4e3b21bee298
Fixed
03da610696a32578fc4f986479341ce9d430df08
Fixed
25d53d858a6c0b89a6e69e376c2a57c4f4c2c8cc
Fixed
22938534c611136f35e2ca545bb668073ca5ef49
Fixed
539d9ab79eba3974b479cad61a8688c41fe62e12
Fixed
448ab998947996a0a451f8229f19087964cf2670
Fixed
5a54213318c43f4009ae158347aa6016e3b9b55a

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49586.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.6.0
Fixed
4.19.254
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.208
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.134
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.58
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.18.15

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49586.json"