PUBLISHED

CVE-2022-49957

kcm: fix strp_init() order and cleanup



Description

In the Linux kernel, the following vulnerability has been resolved:

kcm: fix strp_init() order and cleanup

strp_init() is called just a few lines above this csk->sk_user_data check, it also initializes strp->work etc., therefore, it is unnecessary to call strp_done() to cancel the freshly initialized work.

And if sk_user_data is already used by KCM, psock->strp should not be touched, particularly strp->work state, so we need to move strp_init() after the csk->sk_user_data check.

This also makes a lockdep warning reported by syzbot go away.

Reserved 2025-06-18 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status
unaffected

44890e9ff771ef11777b2d1ebf8589255eb12502 before 473f394953216614087f4179e55cdf0cf616a13b
affected

e5571240236c5652f3e079b1d5866716a7ad819c before a8a0c321319ad64a5427d6172cd9c23b4d6ca1e8
affected

e5571240236c5652f3e079b1d5866716a7ad819c before 0946ff31d1a8778787bf6708beb20f38715267cc
affected

e5571240236c5652f3e079b1d5866716a7ad819c before 1b6666964ca1de93a7bf06e122bcf3616dbd33a9
affected

e5571240236c5652f3e079b1d5866716a7ad819c before 55fb8c3baa8071c5d533a9ad48624e44e2a04ef5
affected

e5571240236c5652f3e079b1d5866716a7ad819c before f865976baa85915c7672f351b74d5974b93215f6
affected

e5571240236c5652f3e079b1d5866716a7ad819c before 8fc29ff3910f3af08a7c40a75d436b5720efe2bf
affected

085cbbda4b4cc7dd2ba63806346881c2c2e10107
affected

383250363daf01eb7aa3728c09ef8a4f6d8a3252
affected

19042316b9e12c93bf334a04d4dd7a4e846c7311
affected

Default status
affected

4.15
affected

Any version before 4.15
unaffected

4.14.293
unaffected

4.19.258
unaffected

5.4.213
unaffected

5.10.142
unaffected

5.15.66
unaffected

5.19.8
unaffected

6.0
unaffected

References

git.kernel.org/...c/473f394953216614087f4179e55cdf0cf616a13b

git.kernel.org/...c/a8a0c321319ad64a5427d6172cd9c23b4d6ca1e8

git.kernel.org/...c/0946ff31d1a8778787bf6708beb20f38715267cc

git.kernel.org/...c/1b6666964ca1de93a7bf06e122bcf3616dbd33a9

git.kernel.org/...c/55fb8c3baa8071c5d533a9ad48624e44e2a04ef5

git.kernel.org/...c/f865976baa85915c7672f351b74d5974b93215f6

git.kernel.org/...c/8fc29ff3910f3af08a7c40a75d436b5720efe2bf

cve.org (CVE-2022-49957)

nvd.nist.gov (CVE-2022-49957)
