VYPR

BPF

by Linux

CVEs (2)

  • CVE-2022-2785MedSep 23, 2022
    risk 0.44cvss 6.7epss 0.00

    There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from…

  • CVE-2022-2905Sep 9, 2022
    risk 0.00cvss epss 0.00

    An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.