Vulnerability CVE-2022-25636: Information
Description
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Fixed packages
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6 |
|
https://www.openwall.com/lists/oss-security/2022/02/21/2 |
|
[oss-security] 20220222 Re: Linux kernel: heap out of bounds write in nf_dup_netdev.c since 5.4 |
|
DSA-5095 |
|
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/ |
|
https://github.com/Bonfee/CVE-2022-25636 |
|
http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html |
|
https://security.netapp.com/advisory/ntap-20220325-0002/ |
|
N/A |
|