Vulnerabilities > CVE-2022-3534 - Use After Free vulnerability in Linux Kernel

CVSS 8.0 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

linux

CWE-416

NVD

Published: 2022-10-17

Updated: 2023-11-07

Summary

A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel -	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://vuldb.com/?id.211032
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=93c660ca40b5d2f7c1b1626e955a8e9fa30e0749