CVE-2022-49875

Published: May 1, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE When using bpftool to pin {PROG, MAP, LINK} without FILE, segmentation fault will occur. The reson is that the lack of FILE will cause strlen to trigger NULL pointer dereference. The corresponding stacktrace is shown below: do_pin do_pin_any do_pin_fd mount_bpffs_for_pin strlen(name) <- NULL pointer dereference Fix it by adding validation to the common process.

Vendor	Product	Versions
Linux	Linux	affected `75a1e792c335b5c6d7fdb1014da47aeb64c5944f - < 8c80b2fca4112d724dde477aed13f7b0510a2792` affected `75a1e792c335b5c6d7fdb1014da47aeb64c5944f - < 6dcdd1b68b7f9333d48d48fc77b75e7f235f6a4a` affected `75a1e792c335b5c6d7fdb1014da47aeb64c5944f - < da5161ba94c5e9182c301dd4f09c94f715c068bd` affected `75a1e792c335b5c6d7fdb1014da47aeb64c5944f - < 34de8e6e0e1f66e431abf4123934a2581cb5f133`
Linux	Linux	affected `5.7` unaffected `0 - < 5.7` unaffected `5.10.155 - <= 5.10.` unaffected `5.15.79 - <= 5.15.` unaffected `6.0.9 - <= 6.0.*` +1 more versions

References

https://git.kernel.org/stable/c/8c80b2fca4112d724dde477aed13f7b0510a2792

https://git.kernel.org/stable/c/6dcdd1b68b7f9333d48d48fc77b75e7f235f6a4a

https://git.kernel.org/stable/c/da5161ba94c5e9182c301dd4f09c94f715c068bd

https://git.kernel.org/stable/c/34de8e6e0e1f66e431abf4123934a2581cb5f133

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49875

Description

Affected Products

References