Integer overflow in Linux kernel

#VU99089 Integer overflow in Linux kernel

Cybersecurity Help s.r.o.

Published: 2024-10-22

Vulnerability identifier: #VU99089

Vulnerability risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-49030

CWE-ID: CWE-190

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the ring_buffer__add() function in tools/lib/bpf/ringbuf.c. A local user can execute arbitrary code.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel:

External links
http://git.kernel.org/stable/c/8a549ab6724520aa3c07f47e0eba820293551490
http://git.kernel.org/stable/c/0140e079a42064680394fff1199a7b5483688dec
http://git.kernel.org/stable/c/535a25ab4f9a45f74ba38ab71de95e97474922ed
http://git.kernel.org/stable/c/927cbb478adf917e0a142b94baa37f06279cc466

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

openEuler 22.03 LTS SP1 update for kernel

Integer overflow in Linux kernel lib bpf