Description

In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE When using bpftool to pin {PROG, MAP, LINK} without FILE, segmentation fault will occur. The reson is that the lack of FILE will cause strlen to trigger NULL pointer dereference. The corresponding stacktrace is shown below: do_pin do_pin_any do_pin_fd mount_bpffs_for_pin strlen(name) <- NULL pointer dereference Fix it by adding validation to the common process.

INFO

Published Date :

2025-05-01T14:10:24.427Z

Last Modified :

2025-10-01T16:03:25.233Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49875 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49875.

URL Resource
https://git.kernel.org/stable/c/34de8e6e0e1f66e431abf4123934a2581cb5f133 cve-icon cve-icon
https://git.kernel.org/stable/c/6dcdd1b68b7f9333d48d48fc77b75e7f235f6a4a cve-icon cve-icon
https://git.kernel.org/stable/c/8c80b2fca4112d724dde477aed13f7b0510a2792 cve-icon cve-icon
https://git.kernel.org/stable/c/da5161ba94c5e9182c301dd4f09c94f715c068bd cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050152-CVE-2022-49875-9422@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49875 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49875 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact