CVE-2022-48929

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 22, 2024
Updated: Aug 23, 2024
CWE ID 125

Summary

CVE-2022-48929 is a vulnerability in the Linux kernel in which an out-of-bounds access into reg2btf_ids can crash the kernel. Various versions of the Linux kernel are affected. The attack vector is local, and exploitation requires low privileges and no user interaction. The vulnerability arises from improper handling of the BPF verifier register types following changes made in recent commits. Remediation is to apply the patches that address the out-of-bounds access. The availability impact is high, because a successful trigger crashes the system. The vulnerability is rated medium severity, with a score of 5.5.
