Ubuntu: (CVE-2022-49590): linux vulnerability
Description
In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctl_igmp_llm_reports. While reading sysctl_igmp_llm_reports, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. This test can be packed into a helper, so such changes will be in the follow-up series after net is merged into net-next. if (ipv4_is_local_multicast(pmc->multiaddr) && !READ_ONCE(net->ipv4.sysctl_igmp_llm_reports))
Solution(s)
- ubuntu-upgrade-linux
- ubuntu-upgrade-linux-aws
- ubuntu-upgrade-linux-aws-5-4
- ubuntu-upgrade-linux-azure
- ubuntu-upgrade-linux-azure-4-15
- ubuntu-upgrade-linux-azure-5-4
- ubuntu-upgrade-linux-gcp-4-15
- ubuntu-upgrade-linux-gcp-5-4
- ubuntu-upgrade-linux-hwe-5-4
- ubuntu-upgrade-linux-ibm-5-4
- ubuntu-upgrade-linux-kvm
- ubuntu-upgrade-linux-oracle
- ubuntu-upgrade-linux-oracle-5-4
- ubuntu-upgrade-linux-raspi-5-4
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center