CVE-2022-25265
Description
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.272
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update bpftool-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-abi-stablelists-4.18.0-477.10.1.el8_8.noarch.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-core-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-cross-headers-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-debug-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-debug-core-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-debug-devel-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-debug-modules-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-debug-modules-extra-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-devel-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-doc-4.18.0-477.10.1.el8_8.noarch.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-headers-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-modules-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-modules-extra-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-tools-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update kernel-tools-libs-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update perf-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| (RHSA-2023:2951) kernel security, bug fix, and enhancement update python3-perf-4.18.0-477.10.1.el8_8.x86_64.rpm | Linux |
| Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2022-25265) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234