CVE-2022-3606

A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 LOW
ADJACENT_NETWORK
LOW
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
𝑥
< 6.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libbpf
bookworm
1.1.0-1
fixed
bullseye
no-dsa
sid
1.4.6-1
fixed
trixie
1.4.6-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dwarves-dfsg
bionic
Fixed 1.21-0ubuntu1~18.04.1+esm1
released
focal
Fixed 1.21-0ubuntu1~20.04.1
released
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
ignored
xenial
needs-triage
libbpf
bionic
dne
focal
Fixed 0.5.0-1~ubuntu20.04.1+esm1
released
jammy
Fixed 0.5.0-1ubuntu22.04.1
released
kinetic
Fixed 0.8.0-1ubuntu22.10.1
released
lunar
Fixed 1.0.1-2ubuntu1
released
mantic
Fixed 1.0.1-2ubuntu1
released
noble
Fixed 1.0.1-2ubuntu1
released
trusty
ignored
xenial
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
kernel-64kb
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
kernel-default
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
kernel-default-base
suse enterprise server 15 SP3
5.3.18-150300.59.112.1.150300.18.64.1
fixed
kernel-docs
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
kernel-macros
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
kernel-obs-build
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
kernel-preempt
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
kernel-source
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
kernel-syms
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
kernel-zfcpdump
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
libbpf0
suse enterprise desktop 15 SP5
0.5.0-150400.3.3.1
fixed
suse enterprise sap 15 SP5
0.5.0-150400.3.3.1
fixed
suse enterprise server 15 SP5
0.5.0-150400.3.3.1
fixed
libbpf1
suse enterprise desktop 15 SP5
1.1.0-150500.1.1
fixed
suse enterprise sap 15 SP5
1.1.0-150500.1.1
fixed
suse enterprise server 15 SP5
1.1.0-150500.1.1
fixed
reiserfs-kmp-default
suse enterprise server 15 SP3
5.3.18-150300.59.112.1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=d0d382f95a9270dcf803539d6781d6bd67e3f5b2
https://vuldb.com/?id.211749
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=d0d382f95a9270dcf803539d6781d6bd67e3f5b2
https://lists.debian.org/debian-lts-announce/2025/04/msg00033.html
https://vuldb.com/?id.211749