CVE-2022-25636

Published: Feb 22, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.openwall.com/lists/oss-security/2022/02/21/2

x_refsource_MISC

https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6

x_refsource_MISC

[oss-security] 20220222 Re: Linux kernel: heap out of bounds write in nf_dup_netdev.c since 5.4

mailing-list

x_refsource_MLIST

DSA-5095

vendor-advisory

x_refsource_DEBIAN

https://www.oracle.com/security-alerts/cpujul2022.html

x_refsource_MISC

https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/

x_refsource_MISC

https://github.com/Bonfee/CVE-2022-25636

x_refsource_MISC

http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20220325-0002/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-25636

Description

Affected Products

References