CVE-2022-48940
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2022-48940 is a vulnerability in the Linux kernel that affects products using BPF (Berkeley Packet Filter) maps whose values contain both a bpf_spin_lock and a bpf_timer object. The flaw is improper memory handling when one map value is copied to another: the copy can let one object overwrite the other, which results in a crash. Left unaddressed, this has a high availability impact, as evidenced by the error messages seen during testing. To remediate the issue, apply the latest patches provided in the Linux kernel updates. The vulnerability is rated medium, with a CVSS base score of 5.5; exploitation requires low privileges and no user interaction, and it primarily affects local systems.
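The copy rule described above, as an added user-space C model that is not kernel code and not part of the original advisory: a bulk copy of a map value that leaves both special regions of the destination untouched, compared with a copy that honours only one of them. The `demo_value` layout, the function names and the byte patterns are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed layout: `lock` and `timer` stand in for bpf_spin_lock and bpf_timer. */
struct demo_value { uint32_t counter; uint32_t lock; uint64_t payload; uint64_t timer[2]; };

/* A byte range of the destination that a bulk copy must leave untouched. */
struct skip_region { size_t off, len; };

/* Copy size bytes src -> dst, skipping up to two regions (len 0 = unused).
 * Returns 0 on success, -1 if a region is out of bounds or the two overlap. */
static int copy_value_skipping(void *dst, const void *src, size_t size,
                               struct skip_region a, struct skip_region b)
{
    unsigned char *d = dst;
    const unsigned char *s = src;
    if (a.off > b.off) { struct skip_region t = a; a = b; b = t; }
    if (a.off > size || a.len > size - a.off) return -1;
    if (b.off > size || b.len > size - b.off) return -1;
    if (a.off + a.len > b.off) return -1;          /* overlapping regions */
    memcpy(d, s, a.off);                           /* bytes before region a */
    size_t pos = a.off + a.len;
    memcpy(d + pos, s + pos, b.off - pos);         /* bytes between a and b */
    pos = b.off + b.len;
    memcpy(d + pos, s + pos, size - pos);          /* bytes after region b */
    return 0;
}

/* Returns 1 if the destination's lock and timer survive the update, 0 if
 * either was overwritten, -1 on invalid regions. skip_timer == 0 models a
 * copy that honours only the lock offset. */
static int demo_update(int skip_timer)
{
    struct demo_value dst = { 1, 0xAAAAAAAAu, 10, { 0xBBBB, 0xCCCC } };
    struct demo_value src = { 2, 0, 20, { 0, 0 } };
    struct skip_region lock = { offsetof(struct demo_value, lock), sizeof dst.lock };
    struct skip_region timer = { offsetof(struct demo_value, timer), sizeof dst.timer };
    if (!skip_timer)
        timer = (struct skip_region){ 0, 0 };
    if (copy_value_skipping(&dst, &src, sizeof dst, lock, timer) != 0)
        return -1;
    return dst.counter == 2 && dst.payload == 20 && dst.lock == 0xAAAAAAAAu &&
           dst.timer[0] == 0xBBBB && dst.timer[1] == 0xCCCC;
}

int main(void) { return demo_update(1) == 1 ? 0 : 1; }
```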