
Rewterz Threat Advisory – CVE-2022-23222 – Linux Kernel Vulnerability

Severity

High

Analysis Summary

CVE-2022-23222 

The Linux kernel could allow a local authenticated attacker to gain elevated privileges because of improper input validation by the BPF verifier in kernel/bpf/verifier.c. By executing a specially crafted eBPF program that uses certain *_OR_NULL pointer types, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute code in the context of the kernel.

Impact

  • Privilege Escalation

Affected Vendors

Linux

Affected Products

  • Linux Kernel 5.8.0
  • Linux Kernel 5.9
  • Linux Kernel 5.10
  • Linux Kernel 5.11

Remediation

Refer to the Linux Kernel advisory for patch, upgrade, or suggested workaround information.

https://www.kernel.org/
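
A host triage check against the affected releases listed above, as an added example that is not part of the original advisory. It assumes "5.8.0" stands for the 5.8 series, and it also reads the kernel.unprivileged_bpf_disabled sysctl, which the advisory does not mention; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the advisory.
# Series derived from the advisory's list (5.8.0, 5.9, 5.10, 5.11); reading
# "5.8.0" as the 5.8 series is an assumption. Distribution kernels may carry
# backported fixes, so a match means "review", not "confirmed vulnerable".
AFFECTED_SERIES="5.8 5.9 5.10 5.11"

# Reduce a release string such as "5.10.0-8-amd64" to "major.minor".
kernel_series() {
    printf '%s\n' "$1" | sed -n 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1.\2/p'
}

# Return 0 if the release falls in a listed series, 1 otherwise.
is_listed_release() {
    series=$(kernel_series "$1")
    [ -n "$series" ] || return 1
    for s in $AFFECTED_SERIES; do
        if [ "$series" = "$s" ]; then return 0; fi
    done
    return 1
}

# Interpret kernel.unprivileged_bpf_disabled (assumed relevant; the advisory
# does not mention it): 0 = unprivileged bpf() allowed, 1 or 2 = disabled.
unpriv_bpf_state() {
    case "$1" in
        0)   echo "enabled" ;;
        1|2) echo "disabled" ;;
        *)   echo "unknown" ;;
    esac
}

# $1 = kernel release, $2 = sysctl value (empty if unreadable).
triage() {
    state=$(unpriv_bpf_state "$2")
    if ! is_listed_release "$1"; then
        echo "OK: $1 is not in a listed series"
    elif [ "$state" = "disabled" ]; then
        echo "PATCH: $1 is in a listed series; unprivileged bpf is disabled"
    else
        echo "REVIEW: $1 is in a listed series; unprivileged bpf is $state"
    fi
}

# Check the local host only when invoked as: sh check.sh run
if [ "${1:-}" = "run" ]; then
    triage "$(uname -r)" "$(cat /proc/sys/kernel/unprivileged_bpf_disabled 2>/dev/null)"
fi
```

A PATCH or REVIEW result still needs the vendor's changelog for the installed kernel package to confirm whether the fix is present.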