2043520 – (CVE-2022-23222) CVE-2022-23222 kernel: local privileges escalation in kernel/bpf/verifier.c

Bug 2043520 (CVE-2022-23222) - CVE-2022-23222 kernel: local privileges escalation in kernel/bpf/verifier.c

Summary: CVE-2022-23222 kernel: local privileges escalation in kernel/bpf/verifier.c

Keywords:
Status:	NEW
Alias:	CVE-2022-23222
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2043521 2053105 2053106 2053107 2053108
Blocks:	2043522
TreeView+	depends on / blocked

Reported:	2022-01-21 12:53 UTC by Marian Rehak
Modified:	2023-07-07 08:31 UTC (History)
CC List:	41 users (show)
Fixed In Version:	kernel 5.17 rc1
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the Linux kernel's adjust_ptr_min_max_vals in the kernel/bpf/verifier.c function. In this flaw, a missing sanity check for *_OR_NULL pointer types that perform pointer arithmetic may cause a kernel information leak issue.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Marian Rehak 2022-01-21 12:53:59 UTC

Local privileges escalation possible because of the availability of pointer arithmetic via certain *_OR_NULL pointer types in kernel/bpf/verifier.c.

Reference:

https://www.openwall.com/lists/oss-security/2022/01/13/1

Comment 1 Marian Rehak 2022-01-21 12:54:22 UTC

Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2043521]

Note You need to log in before you can comment on or make changes to this bug.

acaringi
adscvr
airlied
alciregi
bhu
bskeggs
chwhite
dvlasenk
hdegoede
hkrzesin
jarod
jarodwilson
jburrell
jeremy
jfaracco
jforbes
jglisse
jlelli
jonathan
josef
jshortt
jstancek
jwboyer
kcarcia
kernel-maint
kernel-mgr
lgoncalv
linville
lzampier
masami256
mchehab
nmurray
ptalbert
qzhao
rvrbovsk
scweaver
steved
swood
vkumar
walters
williams