Linux Kernel Vulnerability: Proc_getargv() May Return Zero-Length String, Leading to Out-of-Bound Read
CVE-2022-23089

4.7MEDIUM

Key Information:

Vendor: FreeBSD
Status: FreeBSD
Vendor: CVE Published:; 15 February 2024

What is CVE-2022-23089?

The vulnerability occurs in FreeBSD's handling of process information during a core dump. Specifically, the function proc_getargv() can return a buffer with an incorrect length, which may either be zero or negative. This issue can be exploited by a user constructing a specially crafted ps_string, leading to an out-of-bound read condition that can subsequently cause the kernel to crash. As a result, systems running affected versions of FreeBSD are at risk of instability and potential denial-of-service conditions if not properly patched.

Affected Version(s)

FreeBSD 13.1-RELEASE

FreeBSD 13.0-RELEASE

FreeBSD 12.3-RELEASE

References

https://security.freebsd.org/advisories/FreeBSD-SA-22:09....

vendor-advisory

https://security.netapp.com/advisory/ntap-20240415-0006/

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 15, 2024
Vulnerability Reserved
Jan 10, 2022

Credit

Josef 'Jeff' Sipek