VDB-211029 · ~~CVE-2022-3531~~

Linux Kernel BPF kprobe_multi_test.c get_syms memory leak 🚫 [False Positive]

A vulnerability was suspected in Linux Kernel. This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all.

Field	11/09/2022 14:45	11/09/2022 14:47	12/17/2022 10:18
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_e	X	X	X
cvss2_vuldb_basescore	2.3	2.3	2.3
cvss2_vuldb_tempscore	2.0	2.0	2.0
cvss3_vuldb_basescore	3.5	3.5	3.5
cvss3_vuldb_tempscore	3.4	3.4	3.4
cvss3_meta_basescore	3.5	4.2	4.2
cvss3_meta_tempscore	3.4	4.2	4.2
price_0day	$0-$5k	$0-$5k	$0-$5k
vendor	Linux	Linux	Linux
name	Kernel	Kernel	Kernel
component	BPF	BPF	BPF
file	tools/testing/selftests/bpf/prog_tests/kprobe_multi_test.c	tools/testing/selftests/bpf/prog_tests/kprobe_multi_test.c	tools/testing/selftests/bpf/prog_tests/kprobe_multi_test.c
function	get_syms	get_syms	get_syms
cwe	401 (memory leak)	401 (memory leak)	401 (memory leak)
risk	1	1	1
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	L	L	L
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	U
url	https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=6d2e21dc4db3933db65293552ecc1ede26febeca	https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=6d2e21dc4db3933db65293552ecc1ede26febeca	https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=6d2e21dc4db3933db65293552ecc1ede26febeca
name	Patch	Patch	Patch
patch_url	https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=6d2e21dc4db3933db65293552ecc1ede26febeca	https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=6d2e21dc4db3933db65293552ecc1ede26febeca	https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=6d2e21dc4db3933db65293552ecc1ede26febeca
cve	CVE-2022-3531	CVE-2022-3531	CVE-2022-3531
responsible	VulDB	VulDB	VulDB
date	1665957600 (10/17/2022)	1665957600 (10/17/2022)	1665957600 (10/17/2022)
type	Operating System	Operating System	Operating System
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_rc	C	C	UC
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_av	A	A	A
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	S	S	S
cvss2_vuldb_e	ND	ND	ND
cvss3_vuldb_av	A	A	A
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cve_assigned	1665957600 (10/17/2022)	1665957600 (10/17/2022)	1665957600 (10/17/2022)
cve_nvd_summary	A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function get_syms of the file tools/testing/selftests/bpf/prog_tests/kprobe_multi_test.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier VDB-211029 was assigned to this vulnerability.	A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function get_syms of the file tools/testing/selftests/bpf/prog_tests/kprobe_multi_test.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier VDB-211029 was assigned to this vulnerability.	A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function get_syms of the file tools/testing/selftests/bpf/prog_tests/kprobe_multi_test.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier VDB-211029 was assigned to this vulnerability.
cvss3_nvd_av		A	A
cvss3_nvd_ac		L	L
cvss3_nvd_pr		L	L
cvss3_nvd_ui		N	N
cvss3_nvd_s		U	U
cvss3_nvd_c		N	N
cvss3_nvd_i		N	N
cvss3_nvd_a		H	H
cvss3_cna_av		A	A
cvss3_cna_ac		L	L
cvss3_cna_pr		L	L
cvss3_cna_ui		N	N
cvss3_cna_s		U	U
cvss3_cna_c		N	N
cvss3_cna_i		N	N
cvss3_cna_a		L	L
cve_cna		VulDB	VulDB
cvss3_nvd_basescore		5.7	5.7
cvss3_cna_basescore		3.5	3.5
disputed			1
falsepositive			1

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!