Back to bug 2044578
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pedro Sampaio | 2022-01-24 19:05:54 UTC | CC | security-response-team | |
| Pedro Sampaio | 2022-01-24 19:06:29 UTC | Blocks | 2044579 | |
| Alex | 2022-01-25 11:50:39 UTC | Severity | high | medium |
| Priority | high | medium | ||
| Alex | 2022-01-25 14:44:40 UTC | Doc Text | A flaw unrestricted ebpf usage by BPF_BTF_LOAD leading to possibility of out of bounds memory write in the Linux kernel BPF subsystem was found in the way user load a BTF by himself. A local user could use this flaw to crash the system or escalate their privileges on the system. |
|
| Alex | 2022-01-25 15:42:06 UTC | Depends On | 2045103, 2045104, 2045106, 2045105 | |
| Marian Rehak | 2022-02-04 15:35:23 UTC | Summary | EMBARGOED kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges | EMBARGOED CVE-2022-0500 kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges |
| Alias | CVE-2022-0500 | |||
| Marian Rehak | 2022-02-04 15:39:34 UTC | Blocks | 2050770 | |
| RaTasha Tillery-Smith | 2022-02-07 15:25:35 UTC | Doc Text | A flaw unrestricted ebpf usage by BPF_BTF_LOAD leading to possibility of out of bounds memory write in the Linux kernel BPF subsystem was found in the way user load a BTF by himself. A local user could use this flaw to crash the system or escalate their privileges on the system. | A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. |
| RaTasha Tillery-Smith | 2022-02-07 15:26:03 UTC | Doc Text | A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. | A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. |
| Alex | 2022-02-20 13:49:03 UTC | Group | security, qe_staff | |
| CC | adscvr, airlied, alciregi, bskeggs, hdegoede, jarodwilson, jeremy, jglisse, jonathan, josef, jwboyer, jwyatt, kernel-maint, kernel-mgr, linville, masami256, mchehab, steved, zulinx86 | |||
| Deadline | 2022-01-14 | |||
| Summary | EMBARGOED CVE-2022-0500 kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges | CVE-2022-0500 kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges | ||
| Alex | 2022-02-20 13:50:01 UTC | Depends On | 2056248 | |
| Alex | 2022-02-20 14:02:54 UTC | Fixed In Version | Linux kernel 5.17-rc1 | |
| Salvatore Bonaccorso | 2022-02-21 07:32:03 UTC | CC | carnil | |
| Flags | needinfo?(psampaio) | |||
| Pedro Sampaio | 2022-02-21 13:06:46 UTC | Flags | needinfo?(psampaio) | needinfo?(carnil) |
| Salvatore Bonaccorso | 2022-02-21 13:14:23 UTC | Flags | needinfo?(carnil) | |
| Salvatore Bonaccorso | 2022-02-21 13:18:35 UTC | Flags | needinfo?(psampaio) | |
| Pedro Sampaio | 2022-03-02 20:50:48 UTC | Flags | needinfo?(psampaio) | needinfo?(allarkin) |
| CC | allarkin | |||
| Alex | 2022-03-03 17:42:38 UTC | Flags | needinfo?(allarkin) | |
| Red Hat Bugzilla | 2022-06-04 08:04:44 UTC | CC | fpacheco | |
| Red Hat Bugzilla | 2022-07-16 03:20:39 UTC | CC | brdeoliv | |
| Red Hat Bugzilla | 2022-12-31 23:36:16 UTC | CC | fhrbata | |
| Red Hat Bugzilla | 2023-04-01 08:42:00 UTC | CC | dhoward | |
| Red Hat Bugzilla | 2023-07-07 08:33:07 UTC | Assignee | security-response-team | nobody |
| CC | security-response-team |
Back to bug 2044578