Unrated severityNVD Advisory· Published Aug 22, 2024· Updated May 4, 2025

bpf: Fix crash due to out of bounds access into reg2btf_ids.

CVE-2022-48929

Description

In the Linux kernel, the following vulnerability has been resolved:

When commit e6ac2450d6de ("bpf: Support bpf program calling kernel function") added kfunc support, it defined reg2btf_ids as a cheap way to translate the verifier reg type to the appropriate btf_vmlinux BTF ID, however commit c25b2ae13603 ("bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL") moved the __BPF_REG_TYPE_MAX from the last member of bpf_reg_type enum to after the base register types, and defined other variants using type flag composition. However, now, the direct usage of reg->type to index into reg2btf_ids may no longer fall into __BPF_REG_TYPE_MAX range, and hence lead to out of bounds access and kernel crash on dereference of bad pointer.

Affected products

osv-coords96 versions
pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%20Micro%205.5 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%20Micro%205.5 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%20Micro%205.5 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.5 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Proxy%204.3 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Server%204.3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Proxy%204.3 pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Server%204.3 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_31&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4 pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Proxy%204.3 pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%204.3 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-syms&distro=SUSE%20Manager%20Proxy%204.3 pkg:rpm/suse/kernel-syms&distro=SUSE%20Manager%20Server%204.3 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Manager%20Server%204.3
< 5.14.21-150500.55.80.1+ 95 more
- (no CPE)range: < 5.14.21-150500.55.80.1
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.33.66.1
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.55.80.2.150500.6.35.6
- (no CPE)range: < 5.14.21-150500.55.80.2.150500.6.35.6
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.55.80.1
- (no CPE)range: < 5.14.21-150500.55.80.1
- (no CPE)range: < 5.14.21-150500.13.67.3
- (no CPE)range: < 5.14.21-150500.13.67.3
- (no CPE)range: < 5.14.21-150500.13.67.3
- (no CPE)range: < 5.14.21-150500.33.66.1
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.13.67.3
- (no CPE)range: < 5.14.21-150500.33.66.1
- (no CPE)range: < 5.14.21-150500.55.80.1
- (no CPE)range: < 5.14.21-150500.13.67.1
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150500.33.66.1
- (no CPE)range: < 5.14.21-150400.24.133.2.150400.24.64.5
- (no CPE)range: < 5.14.21-150400.24.133.2.150400.24.64.5
- (no CPE)range: < 5.14.21-150400.24.133.2.150400.24.64.5
- (no CPE)range: < 5.14.21-150400.24.133.2.150400.24.64.5
- (no CPE)range: < 5.14.21-150500.55.80.2.150500.6.35.6
- (no CPE)range: < 5.14.21-150500.55.80.2.150500.6.35.6
- (no CPE)range: < 5.14.21-150400.24.133.2.150400.24.64.5
- (no CPE)range: < 5.14.21-150400.24.133.2.150400.24.64.5
- (no CPE)range: < 5.14.21-150400.24.133.2.150400.24.64.5
- (no CPE)range: < 5.14.21-150400.24.133.2.150400.24.64.5
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 1-150400.9.3.2
- (no CPE)range: < 1-150500.11.3.2
- (no CPE)range: < 1-150500.11.3.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150500.55.80.1
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150500.13.67.3
- (no CPE)range: < 5.14.21-150400.15.91.3
- (no CPE)range: < 5.14.21-150400.15.91.3
- (no CPE)range: < 5.14.21-150500.13.67.3
- (no CPE)range: < 5.14.21-150500.13.67.3
- (no CPE)range: < 5.14.21-150500.33.66.1
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.15.91.3
- (no CPE)range: < 5.14.21-150400.15.91.3
- (no CPE)range: < 5.14.21-150500.13.67.3
- (no CPE)range: < 5.14.21-150500.13.67.3
- (no CPE)range: < 5.14.21-150500.33.66.1
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 5.14.21-150500.55.80.1
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 5.14.21-150400.24.133.1
- (no CPE)range: < 5.14.21-150500.13.67.1
- (no CPE)range: < 5.14.21-150500.55.80.2
- (no CPE)range: < 5.14.21-150400.24.133.2
- (no CPE)range: < 5.14.21-150400.24.133.2
Linux/Linuxcpe-rescue
Range: 5.16.11

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000