CVE-2022-32250

moderate-risk

Published 2022-06-02

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

Do I need to act?

1.9% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (10)

Linux Kernel

Fedora

Debian Linux

H300S Firmware

H500S Firmware

H700S Firmware

H410S Firmware

H410C Firmware

Affected Vendors

Debian Linux Fedoraproject Netapp

References (36)

Exploit http://www.openwall.com/lists/oss-security/2022/06/03/1

Mailing List http://www.openwall.com/lists/oss-security/2022/06/04/1

Mailing List http://www.openwall.com/lists/oss-security/2022/06/20/1

Mailing List http://www.openwall.com/lists/oss-security/2022/07/03/5

Mailing List http://www.openwall.com/lists/oss-security/2022/07/03/6

Mailing List http://www.openwall.com/lists/oss-security/2022/08/25/1

Mailing List http://www.openwall.com/lists/oss-security/2022/09/02/9

Exploit https://blog.theori.io/research/CVE-2022-32250-linux-kernel-lpe-2022/

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=2092427

Mailing List https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/net/netfil...

Exploit https://github.com/theori-io/CVE-2022-32250-exploit

Mailing List https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

Third Party Advisory https://security.netapp.com/advisory/ntap-20220715-0005/

Third Party Advisory https://www.debian.org/security/2022/dsa-5161

Third Party Advisory https://www.debian.org/security/2022/dsa-5173

Exploit https://www.openwall.com/lists/oss-security/2022/05/31/1

Exploit http://www.openwall.com/lists/oss-security/2022/06/03/1

Mailing List http://www.openwall.com/lists/oss-security/2022/06/04/1

and 16 more references

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 5/34 · Minimal

Exposure 16/34 · Moderate