CVE-2022-2586

CVSS 5.3 MEDIUM · EPSS 12.7% · ● KEV · CWE-416
In short

An nftables (nft) object or expression can incorrectly reference a set that belongs to a different table. When that table is deleted, the reference becomes dangling and can cause a crash or unexpected behavior.

Technical detail

A use-after-free vulnerability in the Linux kernel's nftables subsystem allows an nft object or expression to hold a reference to an nft set belonging to a different table. When the referenced table is deleted, the set is freed while the reference remains, and the dangling pointer is later dereferenced, leading to potential memory corruption or denial of service.

Summary generated and translated by AI from the official description.
It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H