PT-2025-8591 · Linux+2 · Linux Kernel+2

Kuee K1R0A

Published: 2022-07-01
Updated: 2025-05-20

CVE-2022-49658

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue is insufficient bounds propagation in the Linux kernel's BPF (Berkeley Packet Filter) verifier. Specifically, it concerns the adjust_scalar_min_max_vals() function, where a corner case allows leaking pointers by turning a pointer register into an unknown scalar. This can occur when the tnum becomes constant after a call to __reg_bound_offset(), but the register's bounds are not updated accordingly. The problem arises because the intersection with var_off is not followed by __update_reg_bounds(), which leaves a 'malformed' constant. To address this, the code has been refactored to introduce a reg_bounds_sync() helper, ensuring consistent bounds correction.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
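
The inconsistency in the description can be reproduced in a small model. This is an added example, not kernel code and not part of the original record: it tracks only unsigned 64-bit bounds, the struct and helper names are illustrative, the sample register state is constructed, and the "before fix" ordering is an assumption based on the description above.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, unsigned 64-bit bounds only; names are illustrative. */
struct tnum { uint64_t value, mask; };   /* a set mask bit means "bit unknown" */
struct reg { struct tnum var_off; uint64_t umin, umax; };

/* Smallest tnum that covers every value in [min, max]. */
static struct tnum tnum_range(uint64_t min, uint64_t max)
{
    uint64_t chi = min ^ max, delta = 0;
    while (chi) { delta = (delta << 1) | 1; chi >>= 1; }
    return (struct tnum){ min & ~delta, delta };
}

static struct tnum tnum_intersect(struct tnum a, struct tnum b)
{
    uint64_t v = a.value | b.value, mu = a.mask & b.mask;
    return (struct tnum){ v & ~mu, mu };
}

/* Tighten [umin, umax] using the known bits in var_off. */
static void update_bounds(struct reg *r)
{
    uint64_t lo = r->var_off.value, hi = r->var_off.value | r->var_off.mask;
    if (lo > r->umin) r->umin = lo;
    if (hi < r->umax) r->umax = hi;
}

/* Learn known bits from the bounds by intersecting them with var_off. */
static void bound_offset(struct reg *r) { r->var_off = tnum_intersect(r->var_off, tnum_range(r->umin, r->umax)); }
/* Assumed pre-fix ordering: nothing refreshes the bounds after the intersection. */
static void sync_before_fix(struct reg *r) { update_bounds(r); bound_offset(r); }
/* Ordering modelled on the sync helper: refresh the bounds once more. */
static void sync_after_fix(struct reg *r) { update_bounds(r); bound_offset(r); update_bounds(r); }

/* Invariant: a constant tnum (mask == 0) requires umin == umax == value. */
static bool consistent(const struct reg *r)
{
    return r->var_off.mask != 0 || (r->umin == r->umax && r->umin == r->var_off.value);
}
/* Constructed sample state: var_off = (0; 0x4), unsigned bounds [0, 3]. */
static struct reg sample(void) { return (struct reg){ { 0, 0x4 }, 0, 3 }; }

int main(void)
{
    struct reg a = sample(), b = sample();
    sync_before_fix(&a); sync_after_fix(&b);
    printf("before fix consistent=%d, after fix consistent=%d\n", consistent(&a), consistent(&b));
    return 0;
}
```

With the sample state, the intersection yields the constant 0 while the bounds still read [0, 3]; the extra bounds refresh collapses them to [0, 0].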

Exploit

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2026-03704
CVE-2022-49658
SUSE-SU-2025:01600-1
SUSE-SU-2025:1176-1
SUSE-SU-2025:1241-1
SUSE-SU-2025_01600-1
SUSE-SU-2025_1241-1

Affected Products

Astra Linux
Linux Kernel
Suse