A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f | Mailing List Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html | Mailing List Third Party Advisory |
https://vuldb.com/?id.211921 | Third Party Advisory |
https://www.debian.org/security/2023/dsa-5324 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
18 Aug 2023, 18:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html - Mailing List, Third Party Advisory |
03 Mar 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Mar 2023, 18:11
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* | |
References |
|
25 Oct 2022, 19:36
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* | |
References | (N/A) https://vuldb.com/?id.211921 - Third Party Advisory | |
References | (N/A) https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f - Mailing List, Patch, Vendor Advisory |
20 Oct 2022, 21:10
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-20 20:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-3623
Mitre link : CVE-2022-3623
CVE.ORG link : CVE-2022-3623
JSON object : View
Products Affected
debian
- debian_linux
linux
- linux_kernel
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')