MNBSD-2022-10: Out-of-bounds read in the ELF core dump handler

Severity: Unknown

Affected Package: kernel

Summary: Out-of-bounds read in the ELF core dump handler

Description

When dumping core and saving process information, proc_getargv() could return an sbuf whose sbuf_len() was 0 or -1, a case that was not handled correctly. A crafted ps_strings could trigger an out-of-bounds read in the ELF core dump handler and crash the kernel.

Affected Versions

kernel

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2022-23089

Published: August 09, 2022
Last Modified: August 09, 2022