CVE-2022-50213
Published: Jun 18, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow SET_ID to refer to another table When doing lookups for sets on the same batch by using its ID, a set from a different table can be used. Then, when the table is removed, a reference to the set may be kept after the set is freed, leading to a potential use-after-free. When looking for sets by ID, use the table that was used for the lookup by name, and only return sets belonging to that same table. This fixes CVE-2022-2586, also reported as ZDI-CAN-17470.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 958bee14d0718ca7a5002c0f48a099d1d345812a - < 77d3b5038b7462318f5183e2ad704b01d57215a2affected 958bee14d0718ca7a5002c0f48a099d1d345812a - < fab2f61cc3b0e441b1749f017cfee75f9bbaded7affected 958bee14d0718ca7a5002c0f48a099d1d345812a - < 1a4b18b1ff11ba26f9a852019d674fde9d1d1cffaffected 958bee14d0718ca7a5002c0f48a099d1d345812a - < faafd9286f1355c76fe9ac3021c280297213330eaffected 958bee14d0718ca7a5002c0f48a099d1d345812a - < f4fa03410f7c5f5bd8f90e9c11e9a8c4b526ff6f+2 more versions |
Linux | Linux | affected 3.16unaffected 0 - < 3.16unaffected 4.19.256 - <= 4.19.*unaffected 5.4.211 - <= 5.4.*unaffected 5.10.137 - <= 5.10.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now