GSD-2022-1001245
- Source
- https://data.gsd.id/GSD-2022-1001245
- Import Source
- https://github.com/cloudsecurityalliance/gsd-database/blob/main/2022/1001xxx/GSD-2022-1001245.json
- JSON Data
- https://api.osv.dev/v1/vulns/GSD-2022-1001245
- Published
- 2022-04-24T20:57:24.880480Z
- Modified
- 2023-02-22T03:12:58.912135Z
- Summary
- bpf: Fix UAF due to race between btf_try_get_module and load_module
- Details
-
bpf: Fix UAF due to race between btftrygetmodule and loadmodule
This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit 0481baa2318cb1ab13277715da6cdbb657807b3f, it was introduced in version v5.12 by commit 541c3bad8dc51b253ba8686d0cd7628e6b9b5f4c. For more details please see the references link.
- References
-
Affected packages
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/
- Events
-
Introduced541c3bad8dc51b253ba8686d0cd7628e6b9b5f4cLimit0481baa2318cb1ab13277715da6cdbb657807b3f
Affected versions
v5.*
v5.11
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1