CVE-2022-25636

moderate-risk

Published 2022-02-24

net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.

Do I need to act?

0.37% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (13)

Linux Kernel

Debian Linux

H300E

H300S

H410C

H410S

H500E

H500S

H700E

H700S

Communications Cloud Native Core Binding Support Function

Communications Cloud Native Core Network Exposure Function

Communications Cloud Native Core Policy

Affected Vendors

Debian Linux Oracle Netapp

References (18)

Third Party Advisory http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LS...

Mailing List http://www.openwall.com/lists/oss-security/2022/02/22/1

Patch https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5...

Exploit https://github.com/Bonfee/CVE-2022-25636

Exploit https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/

Third Party Advisory https://security.netapp.com/advisory/ntap-20220325-0002/

Third Party Advisory https://www.debian.org/security/2022/dsa-5095

Exploit https://www.openwall.com/lists/oss-security/2022/02/21/2

Patch https://www.oracle.com/security-alerts/cpujul2022.html