cbcvebase.
CVE-2022-2785
published 2022-09-23

CVE-2022-2785: There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified…

PriorityP426medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EPSS
0.25%
16.0th percentile
There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. We recommend upgrading past commit 86f44fcec22c

Affected

11 ranges
VendorProductVersion rangeFixed in
debianlinux< linux 5.19.6-1 (bookworm)linux 5.19.6-1 (bookworm)
linuxlinux_kernel< 5.19.45.19.4
linuxlinux_kernel>= 0 < 5.19.6-15.19.6-1
linuxlinux_kernel>= 0 < 5.19.6-15.19.6-1
linuxlinux_kernel>= 0 < 5.19.6-15.19.6-1
linux_kernelkernel>= 5.14 < af2ac3e13e45af2ac3e13e45
linux_kernelkernel>= 5.18 < b1d18a7574d0b1d18a7574d0
msrcazl3_kernel_6.6.35.1-4_on_azure_linux_3.0
msrcazl3_kernel_6.6.92.2-1_on_azure_linux_3.0
msrccbl2_kernel_5.15.82.1-1_on_cbl_mariner_2.0
msrccm1_kernel_5.10.145.1-1_on_cbl_mariner_1.0

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
osv5.5MEDIUM
vendor_debian6.7MEDIUM
vendor_redhat6.7MEDIUM
vendor_msrc5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.