Bug 2043520 (CVE-2022-23222) - CVE-2022-23222 kernel: local privileges escalation in kernel/bpf/verifier.c
Summary: CVE-2022-23222 kernel: local privileges escalation in kernel/bpf/verifier.c
Keywords:
Status: NEW
Alias: CVE-2022-23222
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2043521 2053105 2053106 2053107 2053108
Blocks: 2043522
TreeView+ depends on / blocked
 
Reported: 2022-01-21 12:53 UTC by Marian Rehak
Modified: 2023-09-26 18:44 UTC (History)
40 users (show)

Fixed In Version: kernel 5.17 rc1
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux kernel's adjust_ptr_min_max_vals in the kernel/bpf/verifier.c function. In this flaw, a missing sanity check for *_OR_NULL pointer types that perform pointer arithmetic may cause a kernel information leak issue.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Marian Rehak 2022-01-21 12:53:59 UTC
Local privileges escalation possible because of the availability of pointer arithmetic via certain *_OR_NULL pointer types in kernel/bpf/verifier.c.

Reference:

https://www.openwall.com/lists/oss-security/2022/01/13/1

Comment 1 Marian Rehak 2022-01-21 12:54:22 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2043521]


Note You need to log in before you can comment on or make changes to this bug.