Linux Kernel eBPF local privilege escalation (CVE-2022-23222) vulnerability
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Impact: A local attacker may exploit this issue to gain elevated root privileges on the affected system.
Mitigation: Updates are available. Please check specific vendor advisory for more information.
02 Nov 2022 - Security Advisories & Alerts
20 Oct 2022 - Security Advisories & Alerts