CVE-2022-0264
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. This flaws affects kernel versions < v5.16-rc6
Se encontró una vulnerabilidad en el verificador eBPF del kernel de Linux cuando son manejados estructuras de datos internas. Las ubicaciones de memoria interna podían ser devueltas al espacio de usuario. Un atacante local con los permisos para insertar código eBPF en el kernel puede usar esto para filtrar detalles de memoria interna del kernel derrotando algunas de las mitigaciones de la explotación en el lugar para el kernel. Este fallo afecta a las versiones del kernel anteriores a v5.16-rc6
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-01-17 CVE Reserved
- 2022-02-04 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-755: Improper Handling of Exceptional Conditions
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2041547 | 2022-11-16 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " < 5.16" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.16 Search vendor "Linux" for product "Linux Kernel" and version "5.16" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.16 Search vendor "Linux" for product "Linux Kernel" and version "5.16" | rc1 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.16 Search vendor "Linux" for product "Linux Kernel" and version "5.16" | rc2 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.16 Search vendor "Linux" for product "Linux Kernel" and version "5.16" | rc3 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.16 Search vendor "Linux" for product "Linux Kernel" and version "5.16" | rc4 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.16 Search vendor "Linux" for product "Linux Kernel" and version "5.16" | rc5 |
Affected
| ||||||