CVE-2022-49580

Published: Feb 26, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. While reading sysctl_fib_multipath_use_neigh, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader.

Vendor	Product	Versions
Linux	Linux	affected `a6db4494d218c2e559173661ee972e048dc04fdd - < 6727f39e99e0f545d815edebb6c94228485427ec` affected `a6db4494d218c2e559173661ee972e048dc04fdd - < e045d672ba06e1d35bacb56374d350de0ac99066` affected `a6db4494d218c2e559173661ee972e048dc04fdd - < b8d345db03b4deffb4f04219a51d3b1e94171b76` affected `a6db4494d218c2e559173661ee972e048dc04fdd - < 14e996577ed2799a1ed6ffeb71c76d63acb28444` affected `a6db4494d218c2e559173661ee972e048dc04fdd - < 87507bcb4f5de16bb419e9509d874f4db6c0ad0f`
Linux	Linux	affected `4.7` unaffected `0 - < 4.7` unaffected `5.4.208 - <= 5.4.` unaffected `5.10.134 - <= 5.10.` unaffected `5.15.58 - <= 5.15.*` +2 more versions

References

https://git.kernel.org/stable/c/6727f39e99e0f545d815edebb6c94228485427ec

https://git.kernel.org/stable/c/e045d672ba06e1d35bacb56374d350de0ac99066

https://git.kernel.org/stable/c/b8d345db03b4deffb4f04219a51d3b1e94171b76

https://git.kernel.org/stable/c/14e996577ed2799a1ed6ffeb71c76d63acb28444

https://git.kernel.org/stable/c/87507bcb4f5de16bb419e9509d874f4db6c0ad0f

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49580

Description

Affected Products

References