CVE-2022-49325

Feb. 26, 2025, 7:01 a.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero. Lately, syzbot reported the WARN_ON_ONCE(!tp->prior_cwnd) added in commit 8b8a321ff72c ("tcp: fix zero cwnd in tcp_cwnd_reduction") can trigger, and without a repro we would have to spend considerable time finding the bug. Instead of complaining too late, we want to catch where and when tp->snd_cwnd is set to an illegal value.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/3308676ec525901bf1656014003c443a60730a04
https://git.kernel.org/stable/c/40570375356c874b1578e05c1dcc3ff7c1322dbe
https://git.kernel.org/stable/c/41e191fe72282e193a7744e2fc1786b23156c9e4
https://git.kernel.org/stable/c/5aba0ad44fb4a7fb78c5076c313456de199a3c29

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-02-26
CVE-2022-49325

Timeline

Published: Feb. 26, 2025, 7:01 a.m.
Last Modified: Feb. 26, 2025, 7:01 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.