Heap-based Buffer Overflow The advisory has been revoked - it doesn't affect any version of package libbpf  (opens in a new tab)


Threat Intelligence

Social Trends
EPSS
0.02% (5th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Heap-based Buffer Overflow vulnerabilities in an interactive lesson.

Start learning
  • Snyk IDSNYK-CONAN-LIBBPF-13181739
  • published2 Oct 2025
  • disclosed1 Oct 2025
  • creditUnknown

Introduced: 1 Oct 2025

CVE-2022-50450  (opens in a new tab)
CWE-122  (opens in a new tab)

Amendment

This was deemed not a vulnerability.

Overview

Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to direct use of the e_shnum() field. An attacker can cause a heap buffer overflow by providing a crafted ELF file with manipulated section header values.

Note:

The CVE has been rejected or withdrawn by its CVE Numbering Authority.

References