{"id":"CVE-2022-49638","summary":"icmp: Fix data-races around sysctl.","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: Fix data-races around sysctl.\n\nWhile reading icmp sysctl variables, they can be changed concurrently.\nSo, we need to add READ_ONCE() to avoid data-races.","modified":"2026-04-11T12:44:19.659941Z","published":"2025-02-26T02:23:47.200Z","related":["SUSE-SU-2025:1176-1","SUSE-SU-2025:1241-1","SUSE-SU-2025:1293-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49638.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0cba7ca667ceb06934746ddd9833a25847bde81d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1740e5922fbb705637ae9fa5203db132fc45f9f6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/48d7ee321ea5182c6a70782aa186422a70e67e22"},{"type":"WEB","url":"https://git.kernel.org/stable/c/53ecd09ef2fb35fa69667ae8e414ef6b00fd3bf6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/798c2cf57c63ab39c8aac24d6a3d50f4fa5eeb06"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e088ceb73c24ab4774da391d54a6426f4bfaefce"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e2828e8c605853f71267825c9415437c0a93e4f2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/edeec63b13c252193d626c2a48d7a2f0e7016dc2"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49638.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49638"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4cdf507d54525842dfd9f6313fdafba039084046"},{"fixed":"1740e5922fbb705637ae9fa5203db132fc45f9f6"},{"fixed":"53ecd09ef2fb35fa69667ae8e414ef6b00fd3bf6"},{"fixed":"edeec63b13c252193d626c2a48d7a2f0e7016dc2"},{"fixed":"0cba7ca667ceb06934746ddd9833a25847bde81d"},{"fixed":"e088ceb73c24ab4774da391d54a6426f4bfaefce"},{"fixed":"e2828e8c605853f71267825c9415437c0a93e4f2"},{"fixed":"798c2cf57c63ab39c8aac24d6a3d50f4fa5eeb06"},{"fixed":"48d7ee321ea5182c6a70782aa186422a70e67e22"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49638.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.18.0"},{"fixed":"4.9.324"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.10.0"},{"fixed":"4.14.289"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.253"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.207"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.132"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.56"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"5.18.13"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49638.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}