Description

In the Linux kernel, the following vulnerability has been resolved: libbpf: Handle size overflow for ringbuf mmap The maximum size of ringbuf is 2GB on x86-64 host, so 2 * max_entries will overflow u32 when mapping producer page and data pages. Only casting max_entries to size_t is not enough, because for 32-bits application on 64-bits kernel the size of read-only mmap region also could overflow size_t. So fixing it by casting the size of read-only mmap region into a __u64 and checking whether or not there will be overflow during mmap.

INFO

Published Date :

2024-10-21T20:06:34.571Z

Last Modified :

2025-05-04T08:28:25.737Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49030 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49030.

URL Resource
https://git.kernel.org/stable/c/0140e079a42064680394fff1199a7b5483688dec cve-icon cve-icon
https://git.kernel.org/stable/c/535a25ab4f9a45f74ba38ab71de95e97474922ed cve-icon cve-icon
https://git.kernel.org/stable/c/8a549ab6724520aa3c07f47e0eba820293551490 cve-icon cve-icon
https://git.kernel.org/stable/c/927cbb478adf917e0a142b94baa37f06279cc466 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024102155-CVE-2022-49030-cee8@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49030 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49030 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact