Vulnerability CVE-2022-23222: Information

Description

kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-23222
Published: Jan. 14, 2022
Modified: March 25, 2024
Error type identifier: CWE-476

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-mpsisyphus5.16.12-alt16.8.12-alt1ALT-PU-2022-1456-1296426Fixed
kernel-image-mpp106.1.19-alt16.1.19-alt1ALT-PU-2023-4894-3327092Fixed
kernel-image-mpp115.16.12-alt16.8.8-alt1ALT-PU-2022-1456-1296426Fixed
kernel-image-rpi-defsisyphus5.15.48-alt15.15.92-alt2ALT-PU-2022-2136-1302530Fixed
kernel-image-rpi-defp105.15.48-alt15.15.92-alt2ALT-PU-2022-2137-1302529Fixed
kernel-image-rpi-defp115.15.48-alt15.15.92-alt2ALT-PU-2022-2136-1302530Fixed
kernel-image-rpi-unsisyphus5.17.1-alt16.6.23-alt1ALT-PU-2022-1647-1297977Fixed
kernel-image-rpi-unp105.18.7-alt16.1.77-alt1ALT-PU-2022-2155-1302781Fixed
kernel-image-rpi-unp115.17.1-alt16.6.23-alt1ALT-PU-2022-1647-1297977Fixed
kernel-image-rtsisyphus6.1.28-alt1.rt106.1.92-alt1.rt32ALT-PU-2023-1814-1320645Fixed
kernel-image-rtp116.1.28-alt1.rt106.1.90-alt2.rt30ALT-PU-2023-1814-1320645Fixed
kernel-image-std-defsisyphus5.15.37-alt16.1.92-alt1ALT-PU-2022-1810-1299417Fixed
kernel-image-std-defp115.15.37-alt16.1.91-alt1ALT-PU-2022-1810-1299417Fixed
kernel-image-un-defsisyphus5.16.11-alt16.6.32-alt1ALT-PU-2022-1387-1295944Fixed
kernel-image-un-defsisyphus_riscv645.19.16-alt2.rv646.6.32-alt1.0.portALT-PU-2022-6777-1-Fixed
kernel-image-un-defp105.15.37-alt16.1.90-alt1ALT-PU-2022-1853-1299418Fixed
kernel-image-un-defc10f15.15.37-alt16.1.85-alt0.c10f.1ALT-PU-2022-1853-1299418Fixed
kernel-image-un-defp115.16.11-alt16.6.31-alt1ALT-PU-2022-1387-1295944Fixed
linux-toolssisyphus_riscv646.0-alt16.9-alt1ALT-PU-2022-6483-1-Fixed
linux-toolsp106.1-alt0.p10.16.1-alt0.p10.1ALT-PU-2023-4282-2323593Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.openwall.com/lists/oss-security/2022/01/13/1
  • Mailing List
  • Third Party Advisory
[oss-security] 20220114 Re: Linux Kernel eBPF Improper Input Validation Vulnerability
  • Mailing List
  • Third Party Advisory
[oss-security] 20220118 Re: Linux Kernel eBPF Improper Input Validation Vulnerability
  • Exploit
  • Mailing List
  • Third Party Advisory
DSA-5050
  • Third Party Advisory
https://security.netapp.com/advisory/ntap-20220217-0002/
  • Third Party Advisory
[oss-security] 20220601 Re: Linux Kernel eBPF Improper Input Validation Vulnerability
  • Mailing List
  • Patch
  • Third Party Advisory
[oss-security] 20220604 Re: Linux Kernel eBPF Improper Input Validation Vulnerability
  • Mailing List
  • Third Party Advisory
[oss-security] 20220607 Re: Linux Kernel eBPF Improper Input Validation Vulnerability
  • Mailing List
  • Third Party Advisory
FEDORA-2022-952bb7b856
    FEDORA-2022-edbd74424e
      https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=64620e0a1e712a778095bd35cbb277dc2259281f
        https://bugzilla.suse.com/show_bug.cgi?id=1194765

            1. Configuration 1

              cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
              Start including
              5.16
              End excliding
              5.16.11
              cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
              Start including
              5.8.0
              End excliding
              5.15.37

              Configuration 2

              cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

              Configuration 3

              cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

              Configuration 4

              cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

              Configuration 5

              cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

              Configuration 6

              cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

              Configuration 7

              cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

              Configuration 8

              cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

              Configuration 9

              cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

              Configuration 10

              cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
              Running on/with:
              cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

              Configuration 11

              cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
              cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
          VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
          Version: v24.5.3
          Back to top