PT-2022-7029 · Linux+6 · Linux Kernel+6

Published

2022-10-13

Updated

2025-04-24

CVE-2022-3534

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description A critical vulnerability has been found in the Linux Kernel, specifically in the libbpf component. The issue is related to the function btf dump name dups of the file tools/lib/bpf/btf dump.c, which leads to use after free. This can potentially allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations To fix this issue, it is recommended to apply a patch. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-119

Related Identifiers

ALT-PU-2023-1247

ALT-PU-2023-1318

BDU:2023-06995

CVE-2022-3534

DLA-4137-1

MGASA-2023-0007

MGASA-2023-0008

OESA-2022-2033

OPENSUSE-SU-2023_0405-1

OPENSUSE-SU-2024:12491-1

SUSE-SU-2023:0405-1

SUSE-SU-2023_0405-1

USN-5759-1

USN-5759-2

USN-6215-1

Affected Products

Alt Linux

Astra Linux

Debian

Linux Kernel

Linuxmint

Suse

Ubuntu

PT-2022-7029 · Linux+6 · Linux Kernel+6

CVE-2022-3534

Weakness Enumeration

Related Identifiers

Affected Products

References · 68