Linux Distros Unpatched Vulnerability : CVE-2022-49985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a...

SUSE CVE-2022-49985

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

UBUNTU-CVE-2022-49985

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

CVE-2022-49985

The CVE-2022-49985 entry concerns the Linux kernel, where the BPF component allowed a range check descriptor to misrepresent a tight range because tnum_range(0, map->max_entries-1) may yield a superset of the intended values. The root cause is that the tnum-based range representation can erron...