CVE-2022-3623

Name
CVE-2022-3623
Description
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
N/A https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f
N/A https://vuldb.com/?id.211921
Third Party Advisory https://www.debian.org/security/2023/dsa-5324
Mailing List https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* linux_kernel == None == -
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 6.0 < 6.0.3
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 5.16 < 5.19.17
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 5.11 < 5.15.78
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 5.5 < 5.10.159
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 5.1 < 5.4.228

Vulnerable and fixed packages

Source package Branch Version Maintainer Status