Unrated severityNVD Advisory· Published Oct 20, 2022· Updated Apr 15, 2025
Linux Kernel BPF gup.c follow_page_pte race condition
CVE-2022-3623
Description
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability.
Affected products
68- osv-coords67 versionspkg:rpm/almalinux/bpftoolpkg:rpm/almalinux/kernelpkg:rpm/almalinux/kernel-64kpkg:rpm/almalinux/kernel-64k-corepkg:rpm/almalinux/kernel-64k-debugpkg:rpm/almalinux/kernel-64k-debug-corepkg:rpm/almalinux/kernel-64k-debug-develpkg:rpm/almalinux/kernel-64k-debug-devel-matchedpkg:rpm/almalinux/kernel-64k-debug-modulespkg:rpm/almalinux/kernel-64k-debug-modules-corepkg:rpm/almalinux/kernel-64k-debug-modules-extrapkg:rpm/almalinux/kernel-64k-develpkg:rpm/almalinux/kernel-64k-devel-matchedpkg:rpm/almalinux/kernel-64k-modulespkg:rpm/almalinux/kernel-64k-modules-corepkg:rpm/almalinux/kernel-64k-modules-extrapkg:rpm/almalinux/kernel-abi-stablelistspkg:rpm/almalinux/kernel-corepkg:rpm/almalinux/kernel-cross-headerspkg:rpm/almalinux/kernel-debugpkg:rpm/almalinux/kernel-debug-corepkg:rpm/almalinux/kernel-debug-develpkg:rpm/almalinux/kernel-debug-devel-matchedpkg:rpm/almalinux/kernel-debug-modulespkg:rpm/almalinux/kernel-debug-modules-corepkg:rpm/almalinux/kernel-debug-modules-extrapkg:rpm/almalinux/kernel-debug-uki-virtpkg:rpm/almalinux/kernel-develpkg:rpm/almalinux/kernel-devel-matchedpkg:rpm/almalinux/kernel-docpkg:rpm/almalinux/kernel-modulespkg:rpm/almalinux/kernel-modules-corepkg:rpm/almalinux/kernel-modules-extrapkg:rpm/almalinux/kernel-rtpkg:rpm/almalinux/kernel-rt-corepkg:rpm/almalinux/kernel-rt-debugpkg:rpm/almalinux/kernel-rt-debug-corepkg:rpm/almalinux/kernel-rt-debug-develpkg:rpm/almalinux/kernel-rt-debug-kvmpkg:rpm/almalinux/kernel-rt-debug-modulespkg:rpm/almalinux/kernel-rt-debug-modules-corepkg:rpm/almalinux/kernel-rt-debug-modules-extrapkg:rpm/almalinux/kernel-rt-develpkg:rpm/almalinux/kernel-rt-kvmpkg:rpm/almalinux/kernel-rt-modulespkg:rpm/almalinux/kernel-rt-modules-corepkg:rpm/almalinux/kernel-rt-modules-extrapkg:rpm/almalinux/kernel-toolspkg:rpm/almalinux/kernel-tools-libspkg:rpm/almalinux/kernel-tools-libs-develpkg:rpm/almalinux/kernel-uki-virtpkg:rpm/almalinux/kernel-zfcpdumppkg:rpm/almalinux/kernel-zfcpdump-corepkg:rpm/almalinux/kernel-zfcpdump-develpkg:rpm/almalinux/kernel-zfcpdump-devel-matchedpkg:rpm/almalinux/kernel-zfcpdump-modulespkg:rpm/almalinux/kernel-zfcpdump-modules-corepkg:rpm/almalinux/kernel-zfcpdump-modules-extrapkg:rpm/almalinux/perfpkg:rpm/almalinux/python3-perfpkg:rpm/almalinux/rtlapkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3
< 7.0.0-284.11.1.el9_2+ 66 more
- (no CPE)range: < 7.0.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.rt14.296.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.14.0-284.11.1.el9_2
- (no CPE)range: < 5.3.18-150300.38.83.1
- (no CPE)range: < 5.3.18-150300.38.83.1
- (no CPE)range: < 5.3.18-150300.38.83.1
- (no CPE)range: < 5.3.18-150300.38.83.1
- (no CPE)range: < 5.3.18-150300.38.83.1
- (no CPE)range: < 5.3.18-150300.38.83.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.debian.org/security/2023/dsa-5324mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2023/03/msg00000.htmlmitremailing-list
- git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/mitre
- vuldb.commitre
News mentions
0No linked articles in our index yet.