Not to be fixed
Created: Feb 25, 2024
Updated: Mar 8, 2024
Resolved Date: Mar 8, 2024
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:
bpf: fix check for attempt to corrupt spilled pointer
When register is spilled onto a stack as a 1/2/4-byte register, we set
slot_typeBPF_REG_SIZE - 1] (plus potentially few more below it,
depending on actual spill size). So to check if some stack slot has
spilled register we need to consult slot_type[7], not slot_type[0].
To avoid the need to remember and double-check this in the future, just
use is_spilled_reg() helper.
CREATE(Triage):(User=admin) [CVE-2023-52462 (https://nvd.nist.gov/vuln/detail/CVE-2023-52462)