CVE-2022-48770

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48770
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48770.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48770
Downstream
Related
Published
2024-06-20T11:13:45.193Z
Modified
2025-11-28T08:47:11.286146Z
Summary
bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Guard against accessing NULL ptregs in bpfgettaskstack()

taskptregs() can return NULL on powerpc for kernel threads. This is then used in _bpfgetstack() to check for user mode, resulting in a kernel oops. Guard against this by checking return value of taskpt_regs() before trying to obtain the call chain.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48770.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
fa28dcb82a38f8e3993b0fae9106b1a80b59e4f0
Fixed
ff6bdc205fd0a83bd365405d4e31fb5905826996
Fixed
0bcd484587b3b3092e448d27dc369e347e1810c3
Fixed
b82ef4985a6d05e80f604624332430351df7b79a
Fixed
b992f01e66150fc5e90be4a96f5eb8e634c8249e

Affected versions

v5.*

v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.10.1
v5.10.10
v5.10.11
v5.10.12
v5.10.13
v5.10.14
v5.10.15
v5.10.16
v5.10.17
v5.10.18
v5.10.19
v5.10.2
v5.10.20
v5.10.21
v5.10.22
v5.10.23
v5.10.24
v5.10.25
v5.10.26
v5.10.27
v5.10.28
v5.10.29
v5.10.3
v5.10.30
v5.10.31
v5.10.32
v5.10.33
v5.10.34
v5.10.35
v5.10.36
v5.10.37
v5.10.38
v5.10.39
v5.10.4
v5.10.40
v5.10.41
v5.10.42
v5.10.43
v5.10.44
v5.10.45
v5.10.46
v5.10.47
v5.10.48
v5.10.49
v5.10.5
v5.10.50
v5.10.51
v5.10.52
v5.10.53
v5.10.54
v5.10.55
v5.10.56
v5.10.57
v5.10.58
v5.10.59
v5.10.6
v5.10.60
v5.10.61
v5.10.62
v5.10.63
v5.10.64
v5.10.65
v5.10.66
v5.10.67
v5.10.68
v5.10.69
v5.10.7
v5.10.70
v5.10.71
v5.10.72
v5.10.73
v5.10.74
v5.10.75
v5.10.76
v5.10.77
v5.10.78
v5.10.79
v5.10.8
v5.10.80
v5.10.81
v5.10.82
v5.10.83
v5.10.84
v5.10.85
v5.10.86
v5.10.87
v5.10.88
v5.10.89
v5.10.9
v5.10.90
v5.10.91
v5.10.92
v5.10.93
v5.10.94
v5.10.95
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.2
v5.15.3
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.2
v5.16.3
v5.16.4
v5.8
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "87476905145350513683560255652796726364",
                "184563465471568293314723306481547783027",
                "216289166173083625395317901019415917029",
                "258727836920159538513570154868798752349",
                "127151045416202207401729971754934433732",
                "42362273536117570824466612198410763027",
                "3013808377807609457523896484134133893",
                "114898225374027435598489999633558752621"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "kernel/bpf/stackmap.c"
        },
        "signature_type": "Line",
        "id": "CVE-2022-48770-3083c7a5",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b82ef4985a6d05e80f604624332430351df7b79a"
    },
    {
        "signature_version": "v1",
        "digest": {
            "function_hash": "235962930155882955712540234576597042606",
            "length": 287.0
        },
        "deprecated": false,
        "target": {
            "file": "kernel/bpf/stackmap.c",
            "function": "BPF_CALL_4"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48770-45f975ab",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b82ef4985a6d05e80f604624332430351df7b79a"
    },
    {
        "signature_version": "v1",
        "digest": {
            "function_hash": "235962930155882955712540234576597042606",
            "length": 287.0
        },
        "deprecated": false,
        "target": {
            "file": "kernel/bpf/stackmap.c",
            "function": "BPF_CALL_4"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48770-82bab482",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0bcd484587b3b3092e448d27dc369e347e1810c3"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "87476905145350513683560255652796726364",
                "184563465471568293314723306481547783027",
                "216289166173083625395317901019415917029",
                "258727836920159538513570154868798752349",
                "127151045416202207401729971754934433732",
                "42362273536117570824466612198410763027",
                "3013808377807609457523896484134133893",
                "114898225374027435598489999633558752621"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "kernel/bpf/stackmap.c"
        },
        "signature_type": "Line",
        "id": "CVE-2022-48770-97d545e5",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b992f01e66150fc5e90be4a96f5eb8e634c8249e"
    },
    {
        "signature_version": "v1",
        "digest": {
            "function_hash": "235962930155882955712540234576597042606",
            "length": 287.0
        },
        "deprecated": false,
        "target": {
            "file": "kernel/bpf/stackmap.c",
            "function": "BPF_CALL_4"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48770-f237fdf3",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b992f01e66150fc5e90be4a96f5eb8e634c8249e"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "87476905145350513683560255652796726364",
                "184563465471568293314723306481547783027",
                "216289166173083625395317901019415917029",
                "258727836920159538513570154868798752349",
                "127151045416202207401729971754934433732",
                "42362273536117570824466612198410763027",
                "3013808377807609457523896484134133893",
                "114898225374027435598489999633558752621"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "kernel/bpf/stackmap.c"
        },
        "signature_type": "Line",
        "id": "CVE-2022-48770-f9557860",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0bcd484587b3b3092e448d27dc369e347e1810c3"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.9.0
Fixed
5.10.96
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.19
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.5