Medium severity4.7NVD Advisory· Published May 1, 2025· Updated Jun 17, 2026
CVE-2022-49920
CVE-2022-49920
Description
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: netlink notifier might race to release objects
commit release path is invoked via call_rcu and it runs lockless to release the objects after rcu grace period. The netlink notifier handler might win race to remove objects that the transaction context is still referencing from the commit release path.
Call rcu_barrier() to ensure pending rcu callbacks run to completion if the list of transactions to be destroyed is not empty.
Affected products
3Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.