Vulnerability CVE-2022-3606: Information

Description

A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-3606
Published: Oct. 19, 2022
Modified: Nov. 7, 2023
Error type identifier: CWE-404

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-rpi-unsisyphus6.6.23-alt16.6.23-alt1ALT-PU-2024-6818-2345422Fixed
libbpfsisyphus0.8.1-alt21.4.0-alt1ALT-PU-2023-1247-1315253Fixed
libbpfsisyphus_e2k0.8.1-alt20.8.1-alt2ALT-PU-2023-2584-1-Fixed
libbpfsisyphus_mipsel0.8.1-alt20.8.1-alt2ALT-PU-2023-2550-1-Fixed
libbpfsisyphus_riscv640.8.1-alt21.4.0-alt1ALT-PU-2023-2555-1-Fixed
libbpfp100.8.1-alt20.8.1-alt2ALT-PU-2023-1318-1315256Fixed
libbpfc10f10.8.1-alt20.8.1-alt2ALT-PU-2023-1318-1315256Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
N/A
  • Third Party Advisory
N/A
  • Patch
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
      End excliding
      6.2
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top