Linux Kernel TCP Sysctl Concurrent Access Vulnerability

Vulnerability

A vulnerability in the Linux kernel's TCP implementation allows for concurrent modification of the 'sysctl_tcp_recovery' parameter while it is being read. This data race can lead to inconsistent or unexpected behavior. The issue has been addressed by adding a 'READ_ONCE()' directive to the readers of this parameter, ensuring safe access.

Impact

Exploitation of this vulnerability could lead to data corruption or unpredictable behavior in TCP connections, potentially disrupting network communication or causing applications to misbehave.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel TCP Sysctl Concurrent Access Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating