CVE-2022-48714

June 20, 2024, 12:43 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf After commit 2fd3fb0be1d1 ("kasan, vmalloc: unpoison VM_ALLOC pages after mapping"), non-VM_ALLOC mappings will be marked as accessible in __get_vm_area_node() when KASAN is enabled. But now the flag for ringbuf area is VM_ALLOC, so KASAN will complain out-of-bound access after vmap() returns. Because the ringbuf area is created by mapping allocated pages, so use VM_MAP instead. After the change, info in /proc/vmallocinfo also changes from [start]-[end] 24576 ringbuf_map_alloc+0x171/0x290 vmalloc user to [start]-[end] 24576 ringbuf_map_alloc+0x171/0x290 vmap user

Product(s) Impacted

Product Versions
Linux Kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/5e457aeab52a5947619e1f18047f4d2f3212b3eb
https://git.kernel.org/stable/c/6304a613a97d6dcd49b93fbad31e9f39d1e138d6
https://git.kernel.org/stable/c/b293dcc473d22a62dc6d78de2b15e4f49515db56
https://git.kernel.org/stable/c/d578933f6226d5419af9306746efa1c693cbaf9c

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-06-20
CVE-2022-48714

Timeline

Published: June 20, 2024, 11:15 a.m.
Last Modified: June 20, 2024, 12:43 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.