CVE-2022-49732
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49732
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49732.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49732
- Downstream
- Related
- Published
- 2025-02-26T14:57:24Z
- Modified
- 2025-10-16T00:27:54.101103Z
- Summary
- sock: redo the psock vs ULP protection check
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
sock: redo the psock vs ULP protection check
Commit 8a59f9d1e3d4 ("sock: Introduce sk->skprot->psockupdateskprot()") has moved the inetcskhasulp(sk) check from skpsockinit() to the new tcpbpfupdateproto() function. I'm guessing that this was done to allow creating psocks for non-inet sockets.
Unfortunately the destruction path for psock includes the ULP unwind, so we need to fail the skpsockinit() itself. Otherwise if ULP is already present we'll notice that later, and call tcpupdateulp() with the sk_proto of the ULP itself, which will most likely result in the ULP looping its callbacks.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8a59f9d1e3d4340659fdfee8879dc09a6f2546e1Fixed72fa0f65b56605b8a9ae9fba2082f2123f7fe017
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8a59f9d1e3d4340659fdfee8879dc09a6f2546e1Fixed922309e50befb0cfa5cb65e4989b7706d6578846
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8a59f9d1e3d4340659fdfee8879dc09a6f2546e1Fixede34a07c0ae3906f97eb18df50902e2a01c1015b6
Affected versions
v5.*
v5.12
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.2
v5.18.3
v5.18.4
v5.18.5
v5.18.6
v5.18.7
v5.19-rc1
v5.19-rc2