CVE-2022-49325

Published: Feb 26, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero. Lately, syzbot reported the WARN_ON_ONCE(!tp->prior_cwnd) added in commit 8b8a321ff72c ("tcp: fix zero cwnd in tcp_cwnd_reduction") can trigger, and without a repro we would have to spend considerable time finding the bug. Instead of complaining too late, we want to catch where and when tp->snd_cwnd is set to an illegal value.

Vendor	Product	Versions
Linux	Linux	affected `5d424d5a674f782d0659a3b66d951f412901faee - < 3308676ec525901bf1656014003c443a60730a04` affected `5d424d5a674f782d0659a3b66d951f412901faee - < 5aba0ad44fb4a7fb78c5076c313456de199a3c29` affected `5d424d5a674f782d0659a3b66d951f412901faee - < 41e191fe72282e193a7744e2fc1786b23156c9e4` affected `5d424d5a674f782d0659a3b66d951f412901faee - < 40570375356c874b1578e05c1dcc3ff7c1322dbe`
Linux	Linux	affected `2.6.17` unaffected `0 - < 2.6.17` unaffected `5.15.47 - <= 5.15.` unaffected `5.17.15 - <= 5.17.` unaffected `5.18.4 - <= 5.18.*` +1 more versions

References

https://git.kernel.org/stable/c/3308676ec525901bf1656014003c443a60730a04

https://git.kernel.org/stable/c/5aba0ad44fb4a7fb78c5076c313456de199a3c29

https://git.kernel.org/stable/c/41e191fe72282e193a7744e2fc1786b23156c9e4

https://git.kernel.org/stable/c/40570375356c874b1578e05c1dcc3ff7c1322dbe

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49325

Description

Affected Products

References