CVE-2022-3623

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2022-3623
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2022-10-20 20:15:00 UTC
Updated2023-08-18 18:55:00 UTC
DescriptionA vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability.

Risk And Classification

Problem Types: CWE-362

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Operating System Debian Debian Linux 11.0 All All All
Operating System Linux Linux Kernel All All All All
Operating System Linux Linux Kernel - All All All

References

ReferenceSourceLinkTags
[SECURITY] [DLA 3349-1] linux-5.10 security update MLIST lists.debian.org
Debian -- Security Information -- DSA-5324-1 linux DEBIAN www.debian.org
kernel/git/bpf/bpf-next.git - BPF next kernel tree N/A git.kernel.org
Login required N/A vuldb.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 160583 Oracle Enterprise Linux Security Update for kernel (ELSA-2023-2458)
  • 160692 Oracle Enterprise Linux Security Update for kernel (ELSA-2023-2951)
  • 181491 Debian Security Update for linux (DSA 5324-1)
  • 181618 Debian Security Update for linux-5.10 (DLA 3349-1)
  • 182616 Debian Security Update for linux (CVE-2022-3623)
  • 199089 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5793-1)
  • 199096 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5793-2)
  • 199098 Ubuntu Security Notification for Linux kernel (IBM) Vulnerabilities (USN-5793-4)
  • 199099 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5793-3)
  • 199159 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5851-1)
  • 199160 Ubuntu Security Notification for Linux kernel (GKE) Vulnerabilities (USN-5860-1)
  • 199177 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5876-1)
  • 199179 Ubuntu Security Notification for Linux kernel (GKE) Vulnerabilities (USN-5877-1)
  • 199212 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5917-1)
  • 199224 Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5934-1)
  • 199226 Ubuntu Security Notification for Linux kernel (GCP) Vulnerabilities (USN-5939-1)
  • 199230 Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5940-1)
  • 199239 Ubuntu Security Notification for Linux kernel (IBM) Vulnerabilities (USN-5951-1)
  • 199276 Ubuntu Security Notification for Linux kernel (BlueField) Vulnerabilities (USN-6000-1)
  • 241417 Red Hat Update for kernel security (RHSA-2023:2458)
  • 241468 Red Hat Update for kernel-rt (RHSA-2023:2148)
  • 241504 Red Hat Update for kernel security (RHSA-2023:2951)
  • 241527 Red Hat Update for kernel-rt (RHSA-2023:2736)
  • 242890 Red Hat Update for kernel (RHSA-2024:0724)
  • 354237 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2022-011
  • 354664 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-099
  • 354666 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-098
  • 354667 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-097
  • 354668 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2023-025
  • 354670 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2023-041
  • 354671 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-102
  • 354672 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-101
  • 354738 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-107
  • 354740 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-103
  • 354742 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-105
  • 354743 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-104
  • 354744 Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-106
  • 355199 Amazon Linux Security Advisory for kernel : ALAS2023-2023-070
  • 377891 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0002)
  • 378468 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-20230042)
  • 378512 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0042)
  • 6140045 AWS Bottlerocket Security Update for kernel (GHSA-4m88-2mg9-j5p6)
  • 6140186 AWS Bottlerocket Security Update for kernel (GHSA-7477-v8ch-6v55)
  • 672495 EulerOS Security Update for kernel (EulerOS-SA-2023-1012)
  • 672516 EulerOS Security Update for kernel (EulerOS-SA-2023-1037)
  • 752889 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3897-1)
  • 941023 AlmaLinux Security Update for kernel (ALSA-2023:2458)
  • 941061 AlmaLinux Security Update for kernel-rt (ALSA-2023:2148)
  • 941096 AlmaLinux Security Update for kernel (ALSA-2023:2951)
  • 941114 AlmaLinux Security Update for kernel-rt (ALSA-2023:2736)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report