CVE & CISA-KEV Catalog

CVE-2022-49663

MEDIUM
5.5
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: tunnels: do not assume mac header is set in skb_tunnel_check_pmtu() Recently added debug in commit f9aefd6b2aa3 ("net: warn if mac header was not set") caught a bug in skb_tunnel_check_pmtu(), as shown in this syzbot report [1]. In ndo_start_xmit() paths, there is really no need to use skb->mac_header, because skb->data is supposed to point at it. [1] WARNING: CPU: 1 PID: 8604 at include/linux/skbuff.h:2784 skb_mac_header_len include/linux/skbuff.h:2784 [inline] WARNING: CPU: 1 PID: 8604 at include/linux/skbuff.h:2784 skb_tunnel_check_pmtu+0x5de/0x2f90 net/ipv4/ip_tunnel_core.c:413 Modules linked in: CPU: 1 PID: 8604 Comm: syz-executor.3 Not tainted 5.19.0-rc2-syzkaller-00443-g8720bd951b8e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:skb_mac_header_len include/linux/skbuff.h:2784 [inline] RIP: 0010:skb_tunnel_check_pmtu+0x5de/0x2f90 net/ipv4/ip_tunnel_core.c:413 Code: 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 80 3c 02 00 0f 84 b9 fe ff ff 4c 89 ff e8 7c 0f d7 f9 e9 ac fe ff ff e8 c2 13 8a f9 <0f> 0b e9 28 fc ff ff e8 b6 13 8a f9 48 8b 54 24 70 48 b8 00 00 00 RSP: 0018:ffffc90002e4f520 EFLAGS: 00010212 RAX: 0000000000000324 RBX: ffff88804d5fd500 RCX: ffffc90005b52000 RDX: 0000000000040000 RSI: ffffffff87f05e3e RDI: 0000000000000003 RBP: ffffc90002e4f650 R08: 0000000000000003 R09: 000000000000ffff R10: 000000000000ffff R11: 0000000000000000 R12: 000000000000ffff R13: 0000000000000000 R14: 000000000000ffcd R15: 000000000000001f FS: 00007f3babba9700(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000080 CR3: 0000000075319000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> geneve_xmit_skb drivers/net/geneve.c:927 [inline] geneve_xmit+0xcf8/0x35d0 drivers/net/geneve.c:1107 __netdev_start_xmit include/linux/netdevice.h:4805 [inline] netdev_start_xmit include/linux/netdevice.h:4819 [inline] __dev_direct_xmit+0x500/0x730 net/core/dev.c:4309 dev_direct_xmit include/linux/netdevice.h:3007 [inline] packet_direct_xmit+0x1b8/0x2c0 net/packet/af_packet.c:282 packet_snd net/packet/af_packet.c:3073 [inline] packet_sendmsg+0x21f4/0x55d0 net/packet/af_packet.c:3104 sock_sendmsg_nosec net/socket.c:714 [inline] sock_sendmsg+0xcf/0x120 net/socket.c:734 ____sys_sendmsg+0x6eb/0x810 net/socket.c:2489 ___sys_sendmsg+0xf3/0x170 net/socket.c:2543 __sys_sendmsg net/socket.c:2572 [inline] __do_sys_sendmsg net/socket.c:2581 [inline] __se_sys_sendmsg net/socket.c:2579 [inline] __x64_sys_sendmsg+0x132/0x220 net/socket.c:2579 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x46/0xb0 RIP: 0033:0x7f3baaa89109 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f3babba9168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f3baab9bf60 RCX: 00007f3baaa89109 RDX: 0000000000000000 RSI: 0000000020000a00 RDI: 0000000000000003 RBP: 00007f3baaae305d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe74f2543f R14: 00007f3babba9300 R15: 0000000000022000 </TASK>

How to fix

Remediation Available
linuxDebian
Fixed in:5.10.136-1CVE-2022-49663
Fixed in:5.18.14-1CVE-2022-49663
Fixed in:5.18.14-1CVE-2022-49663
Fixed in:5.18.14-1CVE-2022-49663
bpftoolRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
bpftoolRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
bpftool-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
bpftool-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernelRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernelRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-abi-stablelistsRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-abi-stablelistsRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-coreRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-coreRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debugRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debugRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-coreRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-coreRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-develRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-develRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-modulesRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-modulesRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-modules-extraRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-modules-extraRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-aarch64Rocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-aarch64Red Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-ppc64leRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-ppc64leRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-s390xRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-s390xRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-x86_64Red Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-x86_64Rocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-develRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-develRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-docRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-docRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-modulesRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-modulesRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-modules-extraRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-modules-extraRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-toolsRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-toolsRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-libsRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-libsRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-libs-develRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-libs-develRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdumpRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdumpRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-coreRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-coreRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-develRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-develRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-modulesRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-modulesRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-modules-extraRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-modules-extraRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
perfRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
perfRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
perf-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
perf-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
python3-perfRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
python3-perfRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
python3-perf-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
python3-perf-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.27%probability of exploitation in 30 days
18thpercentile

Low risk: more likely to be exploited than 18% of all known CVEs.

References

Embed a live status badge for CVE-2022-49663
CVE-2022-49663 severity badge

Markdown

[![CVE-2022-49663](https://tridentstack.com/cve/badge/CVE-2022-49663.svg)](https://tridentstack.com/cve/CVE-2022-49663)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-49663"><img src="https://tridentstack.com/cve/badge/CVE-2022-49663.svg" alt="CVE-2022-49663"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-10-24.