Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() task_pt_regs() can return NULL on powerpc for kernel threads. This is then used in __bpf_get_stack() to check for user mode, resulting in a kernel oops. Guard against this by checking return value of task_pt_regs() before trying to obtain the call chain.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.9, < 5.10.96 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/0bcd484587b3b3092e448d27dc369e347e1810c3Patch
- https://git.kernel.org/stable/c/b82ef4985a6d05e80f604624332430351df7b79aPatch
- https://git.kernel.org/stable/c/b992f01e66150fc5e90be4a96f5eb8e634c8249ePatch
- https://git.kernel.org/stable/c/ff6bdc205fd0a83bd365405d4e31fb5905826996Patch
- https://git.kernel.org/stable/c/0bcd484587b3b3092e448d27dc369e347e1810c3Patch
- https://git.kernel.org/stable/c/b82ef4985a6d05e80f604624332430351df7b79aPatch
- https://git.kernel.org/stable/c/b992f01e66150fc5e90be4a96f5eb8e634c8249ePatch
- https://git.kernel.org/stable/c/ff6bdc205fd0a83bd365405d4e31fb5905826996Patch
FAQ
What is CVE-2022-48770?
CVE-2022-48770 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() task_pt_regs() can return NULL on powerpc for kernel threads. Th...
How severe is CVE-2022-48770?
CVE-2022-48770 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-48770?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.