CVE-2022-49967

Summary

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix a data-race around bpf_jit_limit.

While reading bpf_jit_limit, it can be changed concurrently via sysctl, WRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit is long, so we need to add a paired READ_ONCE() to avoid load-tearing.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxede95a63b5e84ddeea6b0c473b36ab8bfd8c6ce3 < ba632ad0bacb13197a8f38e7526448974e87f292affected
LinuxLinuxede95a63b5e84ddeea6b0c473b36ab8bfd8c6ce3 < 0947ae1121083d363d522ff7518ee72b55bd8d29affected
LinuxLinuxc98446e1bab6253ddce7144cc2a91c400a323839affected
LinuxLinuxa1fe647042affe713a17243cd10e9b25f3d83948affected
LinuxLinux43caa29c99db5a41b204e8ced01b00e151335ca8affected
LinuxLinux4.9.190 < 4.10affected
LinuxLinux4.14.140 < 4.15affected
LinuxLinux4.19.47 < 4.20affected
LinuxLinux4.20affected
LinuxLinux0 < 4.20unaffected
LinuxLinux5.19.8 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References