CVE-2022-49672
net: tun: unlink NAPI from device on destruction
In the Linux kernel, the following vulnerability has been resolved:
net: tun: unlink NAPI from device on destruction
Syzbot found a race between tun file and device destruction.
NAPIs live in struct tun_file which can get destroyed before
the netdev so we have to del them explicitly. The current
code is missing deleting the NAPI if the queue was detached
first.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/3b9bc84d311104906d2b4995a9a02d7b7ddab2dbhttps://git.kernel.org/stable/c/8145f77d38de4f88b8a69e1463f5c09ba189d77chttps://git.kernel.org/stable/c/82e729aee59acefe135fceffadcbc5b86dd4f1b9https://git.kernel.org/stable/c/8661d4b8faa2f7ee7a559969c0a7c57f077b1728https://git.kernel.org/stable/c/a8cf919022373c97a84fe596bbea544f909c485dhttps://git.kernel.org/stable/c/bec1be0a745ab420718217e3e0d9542a75108989