CVE-2022-2785

CWE-125 — Out-of-bounds Read7 documents7 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 84.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Kernel Linux Linux Kernel

Timeline

PublishedSep 23

Latest updateSep 25

Description

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. We recommend upgrading past commit 86f44fcec22c

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages3 packages

▶NVDlinux/linux_kernel< 2022-08-10

▶CVEListV5linux_kernel/kernel5.14 — af2ac3e13e45+1

▶Debianlinux< 5.19.6-1+2

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-xhpr-rjf3-gg6p: There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not ve↗2022-09-25

▶

OSV

CVE-2022-2785: There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not ve↗2022-09-23

▶

CVEList

Arbitrary Memory read in BPF Linux Kernel↗2022-09-23

▶

📋Vendor Advisories

Microsoft

Arbitrary Memory read in BPF Linux Kernel↗2022-09-13

▶

Red Hat

kernel: out-of-bounds read due to improper check of bpf_sys_bpf() arguments↗2022-08-10

▶

Debian

CVE-2022-2785: linux - There exists an arbitrary memory read within the Linux Kernel BPF - Constants pr...↗2022

▶