Back to search
CVE-2022-49561
Published: Feb 26, 2025
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: re-fetch conntrack after insertion In case the conntrack is clashing, insertion can free skb->_nfct and set skb->_nfct to the already-confirmed entry. This wasn't found before because the conntrack entry and the extension space used to free'd after an rcu grace period, plus the race needs events enabled to trigger.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 71d8c47fc653711c41bc3282e5b0e605b3727956 - < e97222b785e70e8973281666d709baad6523d8afaffected 71d8c47fc653711c41bc3282e5b0e605b3727956 - < 92a999d1963eed0df666284e20055136ceabd12faffected 71d8c47fc653711c41bc3282e5b0e605b3727956 - < b16bb373988da3ceb0308381634117e18b6ec60daffected 71d8c47fc653711c41bc3282e5b0e605b3727956 - < 91a36ec160ec1a0c8f5352b772dffcbb0b6023e3affected 71d8c47fc653711c41bc3282e5b0e605b3727956 - < 01989d7eebb61c99bd4b88ebc8e261bd2f02caed+3 more versions |
Linux | Linux | affected 4.7unaffected 0 - < 4.7unaffected 4.14.282 - <= 4.14.*unaffected 4.19.246 - <= 4.19.*unaffected 5.4.197 - <= 5.4.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now