Download
| Alert*
|
CVE-2022-0500
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel���s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. CVE-2022-23222 kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. |
