CVE-2022-48929
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2022-48929 is a vulnerability in the Linux kernel that can lead to a kernel crash due to an out-of-bounds access into reg2btf_ids. Affected products include various versions of the Linux kernel. Exploitation requires low privileges and no user interaction, and the attack vector is local. The vulnerability arises from improper handling of the BPF verifier register types following changes made in recent commits. Remediation involves applying the patches that address this out-of-bounds access, which prevents the significant availability impact, characterized by a high risk of system crashes. The vulnerability has been rated with a medium severity score of 5.5, reflecting its potential threat to organizational stability and operations.