CVE-2022-49967

Advisory lineage Upstream: 0 Downstream: 4
Analyzed
Published: 18 Jun 2025, 11:00
Last modified:23 May 2026, 15:23

Vulnerability Summary

Overall Risk (default)
low
19/100
CVSS Score
4.7 MEDIUM
v3.1 (nvd)
EPSS Score
0.04% LOW
0% probability +0.03%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

18 Jun 2025, 11:00
Published
Vulnerability first disclosed
23 May 2026, 15:23
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpf_jit_limit. While reading bpf_jit_limit, it can be changed concurrently via sysctl, WRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit is long, so we need to add a paired READ_ONCE() to avoid load-tearing.

CVSS Metrics

  • v3.1MEDIUMScore: 4.7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.04% Percentile: 13%

Techniques & Countermeasures

  • CWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

    The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Affected Systems

  • linuxlinux

    ≥ ede95a63b5e84ddeea6b0c473b36ab8bfd8c6ce3, < ba632ad0bacb13197a8f38e7526448974e87f292 | ≥ ede95a63b5e84ddeea6b0c473b36ab8bfd8c6ce3, < 0947ae1121083d363d522ff7518ee72b55bd8d29 | c98446e1bab6253ddce7144cc2a91c400a323839 | a1fe647042affe713a17243cd10e9b25f3d83948 | 43caa29c99db5a41b204e8ced01b00e151335ca8 | ≥ 4.9.190, < 4.10 | ≥ 4.14.140, < 4.15 | ≥ 4.19.47, < 4.20 | 4.20

  • linuxlinux_kernel

    ≥ 4.9.190, < 4.10 | ≥ 4.14.140, < 4.15 | ≥ 4.19.47, < 5.19.8 | 6.0:rc1 | 6.0:rc2 | 6.0:rc3

References (2)