4 matches found
EUVD-2022-55022
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more data after tcpbpfsendmsgredir: tcpbpfsendverdict tosend = msg-sg.size //msg-sg.size = 22220 case SKREDIRECT: skmsgreturn //uncharged...
CVE-2022-49204
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more data after tcpbpfsendmsgredir: tcpbpfsendverdict tosend = msg-sg.size //msg-sg.size = 22220 case SKREDIRECT: skmsgreturn //uncharged...
CVE-2022-49204
Summary: CVE-2022-49204 is a Linux kernel vulnerability in the bpf/sockmap path related to uncharged data handling when a tcp_bpf_sendmsg_redir sequence occurs. The root cause is that msg->sg.size can be charged twice across the __SK_REDIRECT path, leading to uncharged memory being left in sk_...
CVE-2022-49204 bpf, sockmap: Fix more uncharged while msg has more_data
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more data after tcpbpfsendmsgredir: tcpbpfsendverdict tosend = msg-sg.size //msg-sg.size = 22220 case SKREDIRECT: skmsgreturn //uncharged...