CVE-2022-0500
Description
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernels BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.03
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-5518-1) linux-image-aws_5.15.0.1023.23_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-gcp_5.15.0.1022.19_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-gke_5.15.0.1020.21_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-ibm_5.15.0.1018.16_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-kvm_5.15.0.1013.11_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-azure_5.15.0.1023.22_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-oracle_5.15.0.1022.19_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-generic_5.15.0.43.44_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-virtual_5.15.0.43.44_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-gke-5.15_5.15.0.1020.21_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-oem-20.04_5.15.0.54.54_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-lowlatency_5.15.0.43.41_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-5.15.0-1010-ibm_5.15.0-1010.12_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-5.15.0-1011-gke_5.15.0-1011.14_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-5.15.0-1013-gcp_5.15.0-1013.18_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-5.15.0-1013-kvm_5.15.0-1013.16_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-5.15.0-1015-aws_5.15.0-1015.19_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-5.15.0-1014-azure_5.15.0-1014.17_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-5.15.0-41-generic_5.15.0-41.44_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-generic-hwe-22.04_5.15.0.43.44_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-virtual-hwe-22.04_5.15.0.54.54_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-5.15.0-1013-oracle_5.15.0-1013.17_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-5.15.0-41-lowlatency_5.15.0-41.44_amd64.deb | Linux |
| Linux kernel (USN-5518-1) linux-image-lowlatency-hwe-22.04_5.15.0.53.48_amd64.deb | Linux |
| Linux kernel for Intel IoT platforms (USN-5564-1) linux-image-intel-iotg_5.15.0.1013.13_amd64.deb | Linux |
| Linux kernel for Intel IoT platforms (USN-5564-1) linux-image-5.15.0-1013-intel-iotg_5.15.0-1013.17_amd64.deb | Linux |
| kernel update (TU-CESAS-0005) kernel-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-doc-4.18.0-532.el8.noarch.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-doc-5.14.0-402.el9.noarch.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-devel-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-devel-5.14.0-402.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-tools-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-headers-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-headers-5.14.0-402.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-modules-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-tools-libs-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-devel-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-devel-5.14.0-402.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-devel-matched-5.14.0-402.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-modules-extra-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-devel-matched-5.14.0-402.el9.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0005) kernel-debug-modules-extra-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0006) kernel-core-4.18.0-532.el8.x86_64.rpm | Linux |
| python3 update (TU-CESAS-0006) python3-perf-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0006) kernel-debug-core-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0006) kernel-debug-modules-4.18.0-532.el8.x86_64.rpm | Linux |
| kernel update (TU-CESAS-0006) kernel-abi-stablelists-4.18.0-532.el8.noarch.rpm | Linux |
| kernel update (TU-CESAS-0007) kernel-cross-headers-4.18.0-532.el8.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update bpftool-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update bpftool-debuginfo-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-abi-stablelists-4.18.0-553.el8_10.noarch.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-core-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-cross-headers-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-debug-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-debug-core-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-debug-debuginfo-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-debug-devel-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-debug-modules-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-debug-modules-extra-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-debuginfo-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-debuginfo-common-x86_64-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-devel-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-doc-4.18.0-553.el8_10.noarch.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-headers-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-modules-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-modules-extra-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-tools-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-tools-debuginfo-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update kernel-tools-libs-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update perf-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update perf-debuginfo-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update python3-perf-4.18.0-553.el8_10.x86_64.rpm | Linux |
| (RHSA-2024:3138)Moderate: security, bug fix, and enhancement update python3-perf-debuginfo-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Bpftool update (ELSA-2024-3138) bpftool-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel update (ELSA-2024-3138) kernel-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-abi-stablelists update (ELSA-2024-3138) kernel-abi-stablelists-4.18.0-553.el8_10.noarch.rpm | Linux |
| Kernel-core update (ELSA-2024-3138) kernel-core-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-cross-headers update (ELSA-2024-3138) kernel-cross-headers-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-debug update (ELSA-2024-3138) kernel-debug-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-debug-core update (ELSA-2024-3138) kernel-debug-core-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-debug-devel update (ELSA-2024-3138) kernel-debug-devel-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-debug-modules update (ELSA-2024-3138) kernel-debug-modules-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-debug-modules-extra update (ELSA-2024-3138) kernel-debug-modules-extra-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-devel update (ELSA-2024-3138) kernel-devel-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-doc update (ELSA-2024-3138) kernel-doc-4.18.0-553.el8_10.noarch.rpm | Linux |
| Kernel-headers update (ELSA-2024-3138) kernel-headers-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-modules update (ELSA-2024-3138) kernel-modules-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-modules-extra update (ELSA-2024-3138) kernel-modules-extra-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-tools update (ELSA-2024-3138) kernel-tools-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Kernel-tools-libs update (ELSA-2024-3138) kernel-tools-libs-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Perf update (ELSA-2024-3138) perf-4.18.0-553.el8_10.x86_64.rpm | Linux |
| Python3-perf update (ELSA-2024-3138) python3-perf-4.18.0-553.el8_10.x86_64.rpm | Linux |
| kernel Security Update (ALAS-2023-070) kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Legacy Module 15-SP5 ) reiserfs-kmp-default-debuginfo-5.14.21-150500.55.80.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Legacy Module 15-SP5 ) reiserfs-kmp-default-5.14.21-150500.55.80.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Development Tools Module 15-SP5 ) kernel-syms-5.14.21-150500.55.80.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Development Tools Module 15-SP5 ) kernel-source-5.14.21-150500.55.80.2.noarch.rpm | Linux |
| SUSE-SU-2024:3483-1(Development Tools Module 15-SP5 ) kernel-obs-build-debugsource-5.14.21-150500.55.80.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Development Tools Module 15-SP5 ) kernel-obs-build-5.14.21-150500.55.80.1.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Basesystem Module 15-SP5 ) kernel-macros-5.14.21-150500.55.80.2.noarch.rpm | Linux |
| SUSE-SU-2024:3483-1(Development Tools Module 15-SP5 ) kernel-docs-5.14.21-150500.55.80.2.noarch.rpm | Linux |
| SUSE-SU-2024:3483-1(Basesystem Module 15-SP5 ) kernel-devel-5.14.21-150500.55.80.2.noarch.rpm | Linux |
| SUSE-SU-2024:3483-1(Basesystem Module 15-SP5 ) kernel-default-devel-debuginfo-5.14.21-150500.55.80.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Basesystem Module 15-SP5 ) kernel-default-devel-5.14.21-150500.55.80.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Basesystem Module 15-SP5 ) kernel-default-debugsource-5.14.21-150500.55.80.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Basesystem Module 15-SP5 ) kernel-default-debuginfo-5.14.21-150500.55.80.2.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Basesystem Module 15-SP5 ) kernel-default-base-5.14.21-150500.55.80.2.150500.6.35.6.x86_64.rpm | Linux |
| SUSE-SU-2024:3483-1(Basesystem Module 15-SP5 ) kernel-default-5.14.21-150500.55.80.2.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) bpftool-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) python3-perf-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) perf-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) kernel-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) kernel-devel-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) kernel-headers-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) kernel-libbpf-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) kernel-libbpf-devel-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) kernel-libbpf-static-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) kernel-livepatch-6.1.10-15.42-1.0-0.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) kernel-tools-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| kernel Security Update (ALAS2023-2023-070) kernel-tools-devel-6.1.10-15.42.amzn2023.x86_64.rpm | Linux |
| Out-of-bounds Write Vulnerability (CVE-2022-0500) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234