PT-2025-25887 · Linux+2 · Linux Kernel+2

Published 2022-08-25 · Updated 2026-04-20 · CVE-2022-49961

CVSS v2.0: 7.7 High

Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue is related to the Linux kernel's BPF (Berkeley Packet Filter) functionality. It involves the propagation of precision markers for certain types of arguments, which the verifier needs in order to check the equivalence of states correctly. Without this fix, the verifier may incorrectly prune states, allowing invalid programs to pass verification and potentially leading to out-of-bounds access. This problem is specific to privileged users with the CAP_BPF capability. A test case has been included to prevent future regressions.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Unchecked Return Value

Weakness Enumeration

Related Identifiers

AZL-70214
BDU:2026-02037
CVE-2022-49961
OESA-2025-1876
OESA-2025-1877
RHSA-2023:2458
RHSA-2023_2458

Affected Products

Debian
Linux Kernel
Red Hat