6 matches found
CVE-2022-49236
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...
CVE-2022-49236
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...
CVE-2022-49236 bpf: Fix UAF due to race between btf_try_get_module and load_module
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...
CVE-2022-49236
CVE-2022-49236 concerns a Linux kernel use-after-free in BPF/BTF handling: a race between module init and module reuse could allow BTF IDs to be published before a module is fully live. The fix, as described in the related documentation, is to set a BTF_MODULE_F_LIVE flag at MODULE_STATE_LIVE so ...
CVE-2022-49236
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...
CVE-2022-49236 bpf: Fix UAF due to race between btf_try_get_module and load_module
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...