CVE-2022-4129

high

Published 2023-05-09 · Modified 2023-05-19

CVSS v3

—

CVSS v2

—

VIR risk

8.0

Description

Important: kernel security, bug fix, and enhancement update

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2023-2148.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2023-2458.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2177371

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2165741

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2147364

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2139610

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2134380

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2133490

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2107924

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2106830

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2089701

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2073091

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2023-2736.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2023:2736

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2023-2951.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2180936

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2176192

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2168297

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2168246

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2165721

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2162120

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2160023

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2154235

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2154171

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2151270

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2150999

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2150979

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2150960

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2150947

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2144720

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2143943

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2143893

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2137979

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2134528

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2134517

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2134506

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2134451

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2134377

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2133483

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2130141

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2127985

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2124788

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2123056

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2122960

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2122228

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2114937

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2108696

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2108691

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2090723

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2085300

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2084125

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2078466

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2061703

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2055499

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2023:2951

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2022-4129

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2022-4129.html

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:2458

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:2148

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · View original ↗ · Open-Errata-API

Description kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux 8kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8RHSA-2023:27362023-05-16T00:00:00Z Red Hat Enterprise Linux…

Description

kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference

CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Errata / fixed releases

Product	Package	Advisory	Released
Red Hat Enterprise Linux 8	`kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8`	RHSA-2023:2736	2023-05-16T00:00:00Z
Red Hat Enterprise Linux 8	`kernel-0:4.18.0-477.10.1.el8_8`	RHSA-2023:2951	2023-05-16T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support	`kernel-0:4.18.0-372.87.1.el8_6`	RHSA-2024:0412	2024-01-25T00:00:00Z
Red Hat Enterprise Linux 9	`kernel-0:5.14.0-284.11.1.el9_2`	RHSA-2023:2458	2023-05-09T00:00:00Z
Red Hat Enterprise Linux 9	`kernel-rt-0:5.14.0-284.11.1.rt14.296.el9_2`	RHSA-2023:2148	2023-05-09T00:00:00Z
Red Hat Enterprise Linux 9	`kernel-0:5.14.0-284.11.1.el9_2`	RHSA-2023:2458	2023-05-09T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	`kernel-0:4.18.0-372.87.1.el8_6`	RHSA-2024:0412	2024-01-25T00:00:00Z

Package state

Product	Package	State
Red Hat Enterprise Linux 6	`kernel`	Out of support scope
Red Hat Enterprise Linux 7	`kernel`	Out of support scope
Red Hat Enterprise Linux 7	`kernel-rt`	Out of support scope

Apply commands

bash fix

Apply RHSA-2023:2736 for Red Hat Enterprise Linux 8

yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rt

OS impact

OS	Version	Status	Fixed in
rhel	9	fixed
sles		affected
debian	bookworm	fixed	`6.1.4-1`
debian	bullseye	fixed	`5.10.178-1`
debian	forky	fixed	`6.1.4-1`
debian	sid	fixed	`6.1.4-1`
debian	trixie	fixed	`6.1.4-1`
almalinux	8	fixed	`kernel-doc-4.18.0-477.10.1.el8_8.noarch.rpm`
almalinux	9	fixed	`kernel-doc-5.14.0-284.11.1.el9_2.noarch.rpm`

References

Verify integrity in audit chain (admin only). AS-IS.