What the vulnerability does

01Description

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

Key dates

02Disclosure timeline

September 9, 2022 CVE published
August 3, 2024 Record updated