An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalat
An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 9 | 0:5.14.0-362.8.1.el9_3 |
| Red Hat | Red Hat Enterprise Linux 9 | 0:5.14.0-362.8.1.el9_3 |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | 0:5.14.0-284.48.1.el9_2 |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | 0:5.14.0-284.48.1.rt14.333.el9_2 |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | unspecified |
| Red Hat | Red Hat Enterprise Linux 6 | unspecified |
| Red Hat | Red Hat Enterprise Linux 7 | unspecified |
| Red Hat | Red Hat Enterprise Linux 7 | unspecified |
| Red Hat | Red Hat Enterprise Linux 8 | unspecified |
| Red Hat | Red Hat Enterprise Linux 8 | unspecified |
| Red Hat | Red Hat Enterprise Linux 9 | unspecified |
Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.
For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.
Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice:
No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.