GHSA-f2f7-qfwq-94j2

Опубликовано: 18 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.7

Описание

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix a data-race around bpf_jit_limit.

While reading bpf_jit_limit, it can be changed concurrently via sysctl, WRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit is long, so we need to add a paired READ_ONCE() to avoid load-tearing.

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix a data-race around bpf_jit_limit.

Ссылки

EPSS

Процентиль: 1%

0.00012

Низкий

4.7 Medium

CVSS3

CVE ID

CVE-2022-49967

Дефекты

CWE-362

Связанные уязвимости

CVE-2022-49967

CVSS3: 4.7

ubuntu

8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpf_jit_limit. While reading bpf_jit_limit, it can be changed concurrently via sysctl, WRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit is long, so we need to add a paired READ_ONCE() to avoid load-tearing.