CVE-2022-49110

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning as of commit 4608fdfc07e1 ("netfilter: conntrack: collect all entries in one cycle") conntrack gc was changed to run every 2 minutes. On systems where conntrack hash table is set to large value, most evictions happen from gc worker rather than the packet path due to hash table distribution. This causes netlink event overflows when events are collected. This change collects average expiry of scanned entries and reschedules to the average remaining value, within 1 to 60 second interval. To avoid event overflows, reschedule after each bucket and add a limit for both run time and number of evictions per run. If more entries have to be evicted, reschedule and restart 1 jiffy into the future.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2cfadb761d3d0219412fd8150faea60c7e863833	Patch
https://git.kernel.org/stable/c/58d52743ae85d28c9335c6034d6ce350b8689951	Patch
https://git.kernel.org/stable/c/592e57591826f3d09c28d755a39ea8e9d13705ad	Patch
https://git.kernel.org/stable/c/7cd361d5e6d986c0d4cafb9ceaa803359048ae15	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2025-02-26 07:00

Updated : 2025-09-23 18:16

NVD link : CVE-2022-49110

Mitre link : CVE-2022-49110

CVE.ORG link : CVE-2022-49110

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2022-49110", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-02-26T07:00:48.363", "references": [{"url": "https://git.kernel.org/stable/c/2cfadb761d3d0219412fd8150faea60c7e863833", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/58d52743ae85d28c9335c6034d6ce350b8689951", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/592e57591826f3d09c28d755a39ea8e9d13705ad", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7cd361d5e6d986c0d4cafb9ceaa803359048ae15", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: revisit gc autotuning\n\nas of commit 4608fdfc07e1\n(\"netfilter: conntrack: collect all entries in one cycle\")\nconntrack gc was changed to run every 2 minutes.\n\nOn systems where conntrack hash table is set to large value, most evictions\nhappen from gc worker rather than the packet path due to hash table\ndistribution.\n\nThis causes netlink event overflows when events are collected.\n\nThis change collects average expiry of scanned entries and\nreschedules to the average remaining value, within 1 to 60 second interval.\n\nTo avoid event overflows, reschedule after each bucket and add a\nlimit for both run time and number of evictions per run.\n\nIf more entries have to be evicted, reschedule and restart 1 jiffy\ninto the future."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: conntrack: volver a realizar el ajuste autom\u00e1tico de gc a partir de el commit 4608fdfc07e1 (\"netfilter: conntrack: recopilar todas las entradas en un ciclo\") Se modific\u00f3 conntrack gc para que se ejecute cada 2 minutos. En sistemas en los que la tabla hash de conntrack est\u00e1 configurada con un valor grande, la mayor\u00eda de los desalojos se producen desde el trabajador de gc en lugar de la ruta del paquete debido a la distribuci\u00f3n de la tabla hash. Esto provoca desbordamientos de eventos de netlink cuando se recopilan eventos. Este cambio recopila la expiraci\u00f3n promedio de las entradas escaneadas y reprograma al valor restante promedio, dentro de un intervalo de 1 a 60 segundos. Para evitar desbordamientos de eventos, reprograme despu\u00e9s de cada dep\u00f3sito y agregue un l\u00edmite tanto para el tiempo de ejecuci\u00f3n como para la cantidad de desalojos por ejecuci\u00f3n. Si se deben desalojar m\u00e1s entradas, reprograme y reinicie 1 santiam\u00e9n en el futuro."}], "lastModified": "2025-09-23T18:16:22.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE872F08-121D-4AE8-82B9-2B5DA905C944", "versionEndExcluding": "5.15.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABBBA66E-0244-4621-966B-9790AF1EEB00", "versionEndExcluding": "5.16.20", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE420AC7-1E59-4398-B84F-71F4B4337762", "versionEndExcluding": "5.17.3", "versionStartIncluding": "5.17"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}