2143943 – (CVE-2022-3567) CVE-2022-3567 kernel: data races around sk->sk_prot

Bug 2143943 (CVE-2022-3567) - CVE-2022-3567 kernel: data races around sk->sk_prot

Summary: CVE-2022-3567 kernel: data races around sk->sk_prot

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2022-3567
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2135319 2144803 2144804 2144805 2144806
Blocks:	2144817
TreeView+	depends on / blocked

Reported:	2022-11-18 12:54 UTC by Rohit Keshri
Modified:	2023-05-16 21:44 UTC (History)
CC List:	51 users (show)
Fixed In Version:	kernel 6.1 rc1
Doc Type:	If docs needed, set a value
Doc Text:	A data race problem was found in sk->sk_prot in the network subsystem in ipv6 in the Linux kernel. This issue occurs while some functions access critical data, leading to a denial of service.
Clone Of:
Environment:
Last Closed:	2023-05-16 21:44:29 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2023:2148	None	None	None	2023-05-09 07:12:25 UTC
Red Hat Product Errata	RHSA-2023:2458	None	None	None	2023-05-09 07:52:02 UTC
Red Hat Product Errata	RHSA-2023:2736	None	None	None	2023-05-16 08:05:39 UTC
Red Hat Product Errata	RHSA-2023:2951	None	None	None	2023-05-16 08:34:27 UTC

Description Rohit Keshri 2022-11-18 12:54:27 UTC

Some functions in inet6_(stream|dgram)_ops still access sk->sk_prot
without lock_sock() or rtnl_lock()causing data races around sk->sk_prot.

Reference:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=364f997b5cfe1db0d63a390fe7c801fa2b3115f6

Comment 10 errata-xmlrpc 2023-05-09 07:12:21 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:2148 https://access.redhat.com/errata/RHSA-2023:2148

Comment 11 errata-xmlrpc 2023-05-09 07:51:58 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:2458 https://access.redhat.com/errata/RHSA-2023:2458

Comment 12 errata-xmlrpc 2023-05-16 08:05:35 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:2736 https://access.redhat.com/errata/RHSA-2023:2736

Comment 13 errata-xmlrpc 2023-05-16 08:34:23 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:2951 https://access.redhat.com/errata/RHSA-2023:2951

Comment 14 Product Security DevOps Team 2023-05-16 21:44:25 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-3567

Note You need to log in before you can comment on or make changes to this bug.

acaringi
adscvr
airlied
alciregi
bhu
brdeoliv
bskeggs
chwhite
crwood
ddepaula
debarbos
dvlasenk
ezulian
gnault
hdegoede
hkrzesin
hpa
jarod
jarodwilson
jburrell
jfaracco
jferlan
jforbes
jglisse
jlelli
joe.lawrence
jonathan
josef
jshortt
jstancek
jwboyer
jwyatt
kcarcia
kernel-maint
kernel-mgr
lgoncalv
linville
lleshchi
lzampier
masami256
mchehab
nmurray
ptalbert
qzhao
rvrbovsk
scweaver
steved
tyberry
vkumar
walters
williams