CVE-2022-3623

CVSS v3.1 7.5 (High)

EPSS 0.22 % (61^th)

Affected Products 2

Advisories 25

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability.

Weaknesses

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE Status: PUBLISHED
CNA: VulDB
Published Date: 2022-10-20 20:15:09
(23 months ago)
Updated Date: 2023-08-18 18:55:40
(13 months ago)

Affected Products

Debian

Debian Linux

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 5.1 version and prior 5.4.228 version	cpe:2.3:o:linux:linux_kernel	>= 5.1	< 5.4.228
Linux Kernel from 5.5 version and prior 5.10.159 version	cpe:2.3:o:linux:linux_kernel	>= 5.5	< 5.10.159
Linux Kernel from 5.11 version and prior 5.15.78 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.78
Linux Kernel from 5.16 version and prior 5.19.17 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 5.19.17
Linux Kernel from 6.0 version and prior 6.0.3 version	cpe:2.3:o:linux:linux_kernel	>= 6.0	< 6.0.3

Configuration #2

		CPE23	From	Up To
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0