Use of Uninitialized Resource

CVE-2022-0433

Medium

5.5/10

Summary

A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-908 - Use of Uninitialized Resource

The software uses or accesses a resource that has not been initialized.

References

Advisory Timeline

Published Mar 10, 2022

Use of Uninitialized Resource

CVE-2022-0433

Summary

CWE-908 - Use of Uninitialized Resource

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS