CVE-2022-3534

A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
ADJACENT_NETWORK
LOW
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
-
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libbpf
bookworm
1.1.0-1
fixed
bullseye
no-dsa
sid
1.4.6-1
fixed
trixie
1.4.6-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dwarves-dfsg
bionic
Fixed 1.21-0ubuntu1~18.04.1+esm1
released
focal
Fixed 1.21-0ubuntu1~20.04.1
released
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
ignored
xenial
needs-triage
libbpf
bionic
dne
focal
Fixed 0.5.0-1~ubuntu20.04.1+esm1
released
jammy
Fixed 0.5.0-1ubuntu22.04.1
released
kinetic
Fixed 0.8.0-1ubuntu22.10.1
released
lunar
Fixed 1.0.1-2ubuntu1
released
mantic
Fixed 1.0.1-2ubuntu1
released
noble
Fixed 1.0.1-2ubuntu1
released
trusty
ignored
xenial
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libbpf-devel
suse enterprise desktop 15 SP6
1.2.2-150600.1.3
fixed
suse enterprise sap 15 SP6
1.2.2-150600.1.3
fixed
suse enterprise server 15 SP6
1.2.2-150600.1.3
fixed
libbpf0
suse enterprise desktop 15 SP4
0.5.0-150400.3.3.1
fixed
suse enterprise desktop 15 SP5
0.5.0-150400.3.3.1
fixed
suse enterprise sap 15 SP4
0.5.0-150400.3.3.1
fixed
suse enterprise sap 15 SP5
0.5.0-150400.3.3.1
fixed
suse enterprise server 15 SP4
0.5.0-150400.3.3.1
fixed
suse enterprise server 15 SP5
0.5.0-150400.3.3.1
fixed
libbpf1
suse enterprise desktop 15 SP5
1.1.0-150500.1.1
fixed
suse enterprise desktop 15 SP6
1.2.2-150600.1.3
fixed
suse enterprise sap 15 SP5
1.1.0-150500.1.1
fixed
suse enterprise sap 15 SP6
1.2.2-150600.1.3
fixed
suse enterprise server 15 SP5
1.1.0-150500.1.1
fixed
suse enterprise server 15 SP6
1.2.2-150600.1.3
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
bpftool
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
bpftool-debuginfo
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-debuginfo
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-debuginfo-common-aarch64
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-debuginfo-common-x86_64
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-devel
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-headers
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-libbpf
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-libbpf-devel
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-libbpf-static
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-livepatch-6.1.10-15.42
Amazon Linux 2023
0:1.0-0.amzn2023
fixed
kernel-tools
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-tools-debuginfo
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
kernel-tools-devel
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
libbpf
Amazon Linux 2
0:0.5.0-2.amzn2.0.3
fixed
libbpf-debuginfo
Amazon Linux 2
0:0.5.0-2.amzn2.0.3
fixed
libbpf-devel
Amazon Linux 2
0:0.5.0-2.amzn2.0.3
fixed
libbpf-static
Amazon Linux 2
0:0.5.0-2.amzn2.0.3
fixed
perf
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
perf-debuginfo
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
python3-perf
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed
python3-perf-debuginfo
Amazon Linux 2023
0:6.1.10-15.42.amzn2023
fixed