Linux Kernel up to 5.10.133/5.15.57/5.18.14 sysctl_ip_prot_sock information disclosure

Summaryinfo

A vulnerability described as problematic has been identified in Linux Kernel up to 5.10.133/5.15.57/5.18.14. Affected by this vulnerability is the function sysctl_ip_prot_sock. Such manipulation leads to information disclosure. This vulnerability is documented as CVE-2022-49578. There is not any exploit available. Upgrading the affected component is recommended.

Detailsinfo

A vulnerability was found in Linux Kernel up to 5.10.133/5.15.57/5.18.14 and classified as problematic. Affected by this issue is the function sysctl_ip_prot_sock. The manipulation with an unknown input leads to a information disclosure vulnerability. Using CWE to declare the problem leads to CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. Impacted is confidentiality. CVE summarizes:

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_prot_sock. sysctl_ip_prot_sock is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing.

The advisory is shared for download at git.kernel.org. This vulnerability is handled as CVE-2022-49578 since 02/26/2025. The exploitation is known to be difficult. There are known technical details, but no exploit is available. The MITRE ATT&CK project declares the attack technique as T1592.

The vulnerability scanner Nessus provides a plugin with the ID 234545 (SUSE SLES12 Security Update : kernel (SUSE-SU-2025:1293-1)), which helps to determine the existence of the flaw in a target environment.

Upgrading to version 5.10.134, 5.15.58 or 5.18.15 eliminates this vulnerability. Applying the patch 9add240f76af6d141d2eebd3a1558a0e503a993d/95724fe897a4ecf2be51452ef96e818568071664/ef699813d99cc29e6e25c9f6da7766526cc8bd6e/9b55c20f83369dd54541d9ddbe3a018a8377f451 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.

The vulnerability is also documented in the vulnerability database at Tenable (234545). VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Type

• Operating System

Vendor

• Linux

Name

• Kernel

Version

• 5.10.133
• 5.15.0
• 5.15.1
• 5.15.2
• 5.15.3
• 5.15.4
• 5.15.5
• 5.15.6
• 5.15.7
• 5.15.8
• 5.15.9
• 5.15.10
• 5.15.11
• 5.15.12
• 5.15.13
• 5.15.14
• 5.15.15
• 5.15.16
• 5.15.17
• 5.15.18
• 5.15.19
• 5.15.20
• 5.15.21
• 5.15.22
• 5.15.23
• 5.15.24
• 5.15.25
• 5.15.26
• 5.15.27
• 5.15.28
• 5.15.29
• 5.15.30
• 5.15.31
• 5.15.32
• 5.15.33
• 5.15.34
• 5.15.35
• 5.15.36
• 5.15.37
• 5.15.38
• 5.15.39
• 5.15.40
• 5.15.41
• 5.15.42
• 5.15.43
• 5.15.44
• 5.15.45
• 5.15.46
• 5.15.47
• 5.15.48
• 5.15.49
• 5.15.50
• 5.15.51
• 5.15.52
• 5.15.53
• 5.15.54
• 5.15.55
• 5.15.56
• 5.15.57
• 5.18.0
• 5.18.1
• 5.18.2
• 5.18.3
• 5.18.4
• 5.18.5
• 5.18.6
• 5.18.7
• 5.18.8
• 5.18.9
• 5.18.10
• 5.18.11
• 5.18.12
• 5.18.13
• 5.18.14

License

• open-source

Website

• Vendor: https://www.kernel.org/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Discussion