4.7
CVE-2022-49967
- EPSS 0.04%
- Veröffentlicht 18.06.2025 11:00:31
- Zuletzt bearbeitet 14.11.2025 17:28:43
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
bpf: Fix a data-race around bpf_jit_limit.
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpf_jit_limit. While reading bpf_jit_limit, it can be changed concurrently via sysctl, WRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit is long, so we need to add a paired READ_ONCE() to avoid load-tearing.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.9.190 < 4.10
Linux ≫ Linux Kernel Version >= 4.14.140 < 4.15
Linux ≫ Linux Kernel Version >= 4.19.47 < 5.19.8
Linux ≫ Linux Kernel Version6.0 Updaterc1
Linux ≫ Linux Kernel Version6.0 Updaterc2
Linux ≫ Linux Kernel Version6.0 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.129 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 1 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.