CVE-2022-49340: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49340 is a vulnerability in the Linux kernel's ipgre module that was discovered and resolved in 2022. The issue affects the GRE (Generic Routing Encapsulation) implementation with TUNNELCSUM when handling CHECKSUMPARTIAL packets. The vulnerability involves improper validation of csumstart after an optional skbpull operation, which could potentially trigger an overflow in lcocsum (Kernel Git).

The vulnerability exists in the ipgrexmit function where the original check if (csum && skb_checksum_start(skb) < skb->data) return -EINVAL had false positives when skbchecksumstart was undefined for non-CHECKSUMPARTIAL packets. The issue specifically occurs in an uncommon GRE path that uses headerops and calls skbpull. The fix involves revising the check to validate csumstart directly and only when CHECKSUMPARTIAL is set, while maintaining the check in the updated location regardless of whether TUNNEL_CSUM is configured (Kernel Git).

When exploited, this vulnerability could lead to an overflow condition in the lco_csum operation when processing GRE packets with specific checksum configurations. This could potentially affect network packet processing in systems using GRE tunneling with checksum offloading enabled (Kernel Git).

The issue has been fixed by modifying the validation logic to properly check csumstart only when CHECKSUMPARTIAL is set. The patch has been merged into the Linux kernel, and the fix involves changing the code to use if (skb->ip_summed == CHECKSUM_PARTIAL && skb_checksum_start(skb) < skb->data) for validation (Kernel Git).