CVE-2022-49698
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49698
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49698.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49698
- Related
- Published
- 2025-02-26T07:01:44Z
- Modified
- 2025-02-26T19:03:56.285773Z
- Downstream
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: use getrandomu32 instead of prandom
bh might occur while updating per-cpu rndstate from user context, ie. localout path.
BUG: using smpprocessorid() in preemptible [00000000] code: nginx/2725 caller is nftngrandomeval+0x24/0x54 [nftnumgen] Call Trace: checkpreemptiondisabled+0xde/0xe0 nftngrandomeval+0x24/0x54 [nftnumgen]
Use the random driver instead, this also avoids need for local prandom state. Moreover, prandom now uses the random driver since d4150779e60f ("random32: use real rng for non-deterministic randomness").
Based on earlier patch from Pablo Neira.
- References
-
- https://git.kernel.org/stable/c/15cc30ac2a8d7185f8ebf97dd1ddd90a7c79783b
- https://git.kernel.org/stable/c/6ce71f83f798be7e1ca68707fec449fbecb38852
- https://git.kernel.org/stable/c/b1fd94e704571f98b21027340eecf821b2bdffba
- https://git.kernel.org/stable/c/d0906b0fffc9f19bc42708ca3e84e2089088386c
- https://security-tracker.debian.org/tracker/CVE-2022-49698
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.127-1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source