CVE-2022-2905

Summary

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

Affected Software

VendorProductVersion RangeStatus
n/akernelLinux kernel 6.0-rc4affected

Weaknesses

  • CWE-125: CWE-125

ADP Enrichment

CVE Program Container

Additional References

References