CVE-2022-1015
Published on: Not Yet Published
Last Modified on: 02/23/2023 10:15:00 AM UTC
Certain versions of Fedora from Fedoraproject contain the following vulnerability:
A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.
- CVE-2022-1015 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 6.6 - MEDIUM
| Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|---|---|---|---|
| LOCAL | LOW | LOW | NONE |
| Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
| UNCHANGED | LOW | LOW | HIGH |
CVSS2 Score: 4.6 - MEDIUM
| Access Vector ⓘ |
Access Complexity |
Authentication |
|---|---|---|
| LOCAL | LOW | NONE |
| Confidentiality Impact |
Integrity Impact |
Availability Impact |
| PARTIAL | PARTIAL | PARTIAL |
CVE References
| Description | Tags ⓘ | Link |
|---|---|---|
| How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables · David's Blog | blog.dbouman.nl text/html |
MISC blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/ |
| oss-security - Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup | www.openwall.com text/html |
MLIST [oss-security] 20230223 Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup |
| oss-sec: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak | seclists.org text/html |
MISC seclists.org/oss-sec/2022/q1/205 |
| oss-security - CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup | www.openwall.com text/html |
MLIST [oss-security] 20230113 CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup |
| oss-security - Re: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak | www.openwall.com text/html |
MLIST [oss-security] 20220825 Re: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak |
| Kernel Live Patch Security Notice LSN-0090-1 ≈ Packet Storm | packetstormsecurity.com text/html |
MISC packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html |
| 2065323 – (CVE-2022-1015) CVE-2022-1015 kernel: arbitrary code execution in linux/net/netfilter/nf_tables_api.c | bugzilla.redhat.com text/html |
MISC bugzilla.redhat.com/show_bug.cgi?id=2065323 |
Related QID Numbers
- 198745 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5383-1)
- 198747 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5381-1)
- 198767 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5390-1)
- 198770 Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5390-2)
- 353211 Amazon Linux Security Advisory for kernel : ALAS-2022-1577
- 353212 Amazon Linux Security Advisory for kernel : ALAS2-2022-1768
- 353213 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-024
- 353214 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2022-012
- 353964 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2022-001
- 354327 Amazon Linux Security Advisory for kernel : ALAS2022-2022-083
- 354468 Amazon Linux Security Advisory for kernel : ALAS2022-2022-185
- 354499 Amazon Linux Security Advisory for kernel : ALAS2022-2022-042
- 354542 Amazon Linux Security Advisory for kernel : ALAS-2022-185
- 355199 Amazon Linux Security Advisory for kernel : ALAS2023-2023-070
- 901300 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9650)
- 901490 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9643)
- 902024 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9650-1)
- 902093 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9643-1)
- 906077 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9650-2)
- 906409 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (9643-2)
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Fedoraproject | Fedora | 35 | All | All | All |
| Operating System | Linux | Linux Kernel | All | All | All | All |
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
| Source | Title | Posted (UTC) |
|---|---|---|
 @grsecurity |
Our independent backport process already identified the commits fixing CVE-2022-1015 and CVE-2022-1016 and were bac… twitter.com/i/web/status/1… | 2022-03-28 20:52:50 |
| @andersonc0d3 |
Linux kernel: CVE-2022-1015, CVE-2022-1016 in nf_tables cause privilege escalation, information leak seclists.org/oss-sec/2022/q… | 2022-03-28 21:14:08 |
| @oss_security |
Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak: Posted by Davi… twitter.com/i/web/status/1… | 2022-03-28 21:59:32 |
| @gaetanoz |
[oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak… twitter.com/i/web/status/1… | 2022-03-28 23:46:35 |
| @masami256 |
わかりやすい? oss-security - Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, informat… twitter.com/i/web/status/1… | 2022-03-28 23:50:06 |
| @TechTweetBot |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-03-29 02:24:17 |
| @hn_frontpage |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation L: lwn.net/ml/oss-securit… C: news.ycombinator.com/item?id=308380… | 2022-03-29 02:58:21 |
| @hncynic |
Title: Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation ?: groups.google.com/forum/#!topic/… | 2022-03-29 02:58:30 |
| @HNTweets |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation: lwn.net/ml/oss-securit… Comments: news.ycombinator.com/item?id=308380… | 2022-03-29 03:00:02 |
| @winsontang |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-03-29 03:01:01 |
| @radoncnotes |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation ift.tt/3OBDich 5 | 2022-03-29 03:01:02 |
| @tammeke140674 |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation ift.tt/3OBDich 5 | 2022-03-29 03:03:41 |
| @knelsonvsi |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation ift.tt/3OBDich 5 | 2022-03-29 03:03:57 |
| @HackerNewsTop10 |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation Link: lwn.net/ml/oss-securit… Comm… twitter.com/i/web/status/1… | 2022-03-29 03:21:22 |
| @Hacker__News |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation #osssecurity #lwnnet #privilege… twitter.com/i/web/status/1… | 2022-03-29 03:25:41 |
| @_r_netsec |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-03-29 03:43:07 |
| @betterhn20 |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… (news.ycombinator.com/item?id=308380…) | 2022-03-29 03:46:06 |
| @CybrXx0 |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation via /r/netsec… twitter.com/i/web/status/1… | 2022-03-29 04:00:09 |
| @newsycombinator |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-03-29 04:01:11 |
| @Myinfosecfeed |
New post: "Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation" ift.tt/s8nyXJt | 2022-03-29 04:48:43 |
| @ryangonnaryan |
How do I cancel my subscription to the CVE of the Month club? ubuntu.com/security/CVE-2… | 2022-03-29 05:26:08 |
| @cyberkendra |
CVE-2022-1015,CVE-2022-1016: #Linux Kernel Privilege Escalation bug.cyberkendra.com/2022/03/29/cve… #cybersecurity #security #vulnerability | 2022-03-29 05:33:05 |
| @blackyoup |
CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak seclists.org/oss-sec/2022/q… #Linux | 2022-03-29 06:02:00 |
| @nixcraft |
Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak openwall.com/lists/oss-secu… | 2022-03-29 06:08:17 |
| @Decio_o_o |
⚠️?[&?containers] c'est reparti pour un tour de mise à jour kernel... Ubuntu --> ubuntu.com/security/CVE-2… Debian-->… twitter.com/i/web/status/1… | 2022-03-29 07:06:18 |
| @beingsheerazali |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… _r_netsec | 2022-03-29 07:10:57 |
| @stepcellwolf |
another #patching day [oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalat… twitter.com/i/web/status/1… | 2022-03-29 07:36:38 |
| @ipssignatures |
The vuln CVE-2022-1015 has a tweet created 0 days ago and retweeted 14 times. twitter.com/andersonc0d3/s… #pow1rtrtwwcve | 2022-03-29 08:06:01 |
| @jzikusooka |
Regarding that Linux kernel vulnerability in nf_tables (CVE-2022-1015) #Linux #vulnerabilty #CyberSecurity… twitter.com/i/web/status/1… | 2022-03-29 11:22:19 |
| @Linda_pp |
Linux の nf_tables にローカル権限昇格の脆弱性(CVE-2022-1015, CVE-2022-1016) seclists.org/oss-sec/2022/q… | 2022-03-29 11:45:41 |
| @jschauma |
New local priv escalation CVE-2022-1015, information disclosure CVE-2022-1016 vulnerabilities:… twitter.com/i/web/status/1… | 2022-03-29 11:47:55 |
| @Efrain_AI |
Linux kernel: CVE-2022-1015,CVE-2022-1016 openwall.com/lists/oss-secu… | 2022-03-29 11:51:56 |
| @abclinuxu |
Bezpečnostní chyby CVE-2022-1015 a CVE-2022-1016 v Linuxu v nf_tables abclinuxu.cz/zpravicky/bezp… | 2022-03-29 12:26:31 |
| @SeYasashi |
access.redhat.com/security/cve/c… また脆弱性かnftablesのモジュールロードしてるしな。 緩和策を適用しているのであまり影響ないのだが カーネルのバージョンアップは必要かな | 2022-03-29 12:41:33 |
| @FOSSForce |
[oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak… twitter.com/i/web/status/1… | 2022-03-29 12:48:00 |
| @ipssignatures |
The vuln CVE-2022-1015 has a tweet created 0 days ago and retweeted 12 times. twitter.com/_r_netsec/stat… #pow1rtrtwwcve | 2022-03-29 14:06:00 |
| @jingbay |
netfilter CVE-2022-1015,1016 twitter.com/newsyc100/stat… | 2022-03-29 18:35:44 |
| @digeex_security |
[oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak… twitter.com/i/web/status/1… | 2022-03-30 10:28:17 |
| @SeYasashi |
seccompでシステムコールをブロックする方法は緩和策としてなりたつのだな。 access.redhat.com/security/cve/c… | 2022-03-31 12:12:48 |
| @pqlqpql |
Happy to finally publish my work on the two vulnerabilities in the Linux kernel I've found: CVE-2022-1015 and CVE-2… twitter.com/i/web/status/1… | 2022-04-02 04:13:46 |
| @pqlqpql |
PoC: github.com/pqlx/CVE-2022-… | 2022-04-02 04:17:51 |
| @AnonIndiaPress |
Learn this...! blog.dbouman.nl/2022/04/02/How… | 2022-04-02 07:13:44 |
| @ipssignatures |
The vuln CVE-2022-1015 has a tweet created 0 days ago and retweeted 73 times. twitter.com/pqlqpql/status… #pow1rtrtwwcve | 2022-04-02 08:06:00 |
| @sirifu4k1 |
Local privilege escalation PoC for Linux kernel CVE-2022-1015 github.com/pqlx/CVE-2022-… | 2022-04-02 09:07:07 |
| @ipssignatures |
The vuln CVE-2022-1015 has a tweet created 0 days ago and retweeted 129 times. twitter.com/pqlqpql/status… #pow2rtrtwwcve | 2022-04-02 10:06:00 |
| @cKure7 |
■■■■□ How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables blog.dbouman.nl/2022/04/02/How… | 2022-04-02 10:36:11 |
| @3ackd0or |
#PoC for #local_privilege_escalation of CVE-2022-1015, a bug in the #nf_tables component of the #Linux kernel foun… twitter.com/i/web/status/1… | 2022-04-02 12:11:47 |
| @scifigh0st |
blog.dbouman.nl/2022/04/02/How… | 2022-04-02 14:57:36 |
| @ptracesecurity |
How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables blog.dbouman.nl/2022/04/02/How…… twitter.com/i/web/status/1… | 2022-04-02 18:00:49 |
| @Har_sia |
CVE-2022-1015 har-sia.info/CVE-2022-1015.… #HarsiaInfo | 2022-04-02 18:31:09 |
| @ipssignatures |
The vuln CVE-2022-1015 has a tweet created 0 days ago and retweeted 17 times. twitter.com/sirifu4k1/stat… #pow1rtrtwwcve | 2022-04-02 22:06:00 |
| @sploitus_com |
Exploit for CVE-2022-1015 sploitus.com/exploit?id=5F6… #Exploit #Sploitus | 2022-04-03 00:26:15 |
| @secalertsasia |
oss-sec: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak… twitter.com/i/web/status/1… | 2022-04-03 00:38:14 |
| @nuria_imeq |
How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables · David's Blog blog.dbouman.nl/2022/04/02/How… | 2022-04-03 07:33:08 |
| @hack_git |
CVE-2022-1015 This repository contains a PoC for local privilege escalation of CVE-2022-1015, a bug in the nf_table… twitter.com/i/web/status/1… | 2022-04-03 07:36:58 |
| @MA43T3 |
github.com/pqlx/CVE-2022-… | 2022-04-03 10:36:40 |
| @ksg93rd |
#Threat_Research 1. CVE-2022-1015/1016: An analysis of two new Linux vulnerabilities in nf_tables… twitter.com/i/web/status/1… | 2022-04-03 15:19:17 |
| @ptpt52 |
准牛逼,专业的漏洞分析 blog.dbouman.nl/2022/04/02/How… | 2022-04-03 17:20:55 |
| @n0ipr0cs |
How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables · David's Blog blog.dbouman.nl/2022/04/02/How… | 2022-04-03 19:12:00 |
| @RashmiD83238655 |
GitHub - pqlx/CVE-2022-1015: Local privilege escalation PoC for Linux kernel dlvr.it/SMvBLP https://t.co/KIU7fmlIZc | 2022-04-03 20:33:11 |
| @_devonkerr_ |
Excellent, this is how you communicate research: blog.dbouman.nl/2022/04/02/How… | 2022-04-03 20:41:44 |
| @Dinosn |
Local privilege escalation PoC for Linux kernel CVE-2022-1015 github.com/pqlx/CVE-2022-… | 2022-04-04 07:19:13 |
| @beingsheerazali |
Local privilege escalation PoC for Linux kernel CVE-2022-1015 github.com/pqlx/CVE-2022-… Dinosn | 2022-04-04 07:49:21 |
| @netalexx |
Local privilege escalation PoC for Linux kernel CVE-2022-1015 github.com/pqlx/CVE-2022-… | 2022-04-04 09:33:48 |
| @stevematindi |
Local privilege escalation PoC for Linux kernel CVE-2022-1015 github.com/pqlx/CVE-2022-… | 2022-04-04 10:52:51 |
| @ipssignatures |
The vuln CVE-2022-1015 has a tweet created 0 days ago and retweeted 10 times. twitter.com/Dinosn/status/… #pow1rtrtwwcve | 2022-04-04 12:06:00 |
| @ChrisShort |
Suggested Read: How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables blog.dbouman.nl/2022/04/02/How… #devopsish | 2022-04-04 16:27:01 |
| @ptracesecurity |
Local privilege escalation PoC for Linux kernel CVE-2022-1015 github.com/pqlx/CVE-2022-… #Pentesting #Linux… twitter.com/i/web/status/1… | 2022-04-04 23:31:09 |
| @ipssignatures |
The vuln CVE-2022-1015 has a tweet created 0 days ago and retweeted 10 times. twitter.com/ptracesecurity… #pow1rtrtwwcve | 2022-04-05 10:06:00 |
| @motakasoft |
GitHub Trending Archive, 04 Apr 2022, C. pqlx/CVE-2022-1015, mytechnotalent/Hacking-Windows, zmkfirmware/zmk, Infin… twitter.com/i/web/status/1… | 2022-04-06 11:30:03 |
| @a_jeddab |
pqlx/CVE-2022-1015: Local privilege escalation PoC for Linux kernel CVE-2022-1015 #UX via twinybots.ch github.com/pqlx/CVE-2022-… | 2022-04-06 15:52:25 |
| @blueteamsec1 |
CVE-2022-1015: Local privilege escalation PoC for Linux kernel CVE-2022-1015 dlvr.it/SN693w #cyber… twitter.com/i/web/status/1… | 2022-04-06 23:32:34 |
| @sidfm_jp |
Linux Kernel の Netfilter の処理に特権を奪われる問題 (CVE-2022-1015) [41759] sid.softek.jp/content/show/4… #SIDfm #脆弱性情報 | 2022-04-07 02:30:04 |
| @motakasoft |
GitHub Trending Archive, 05 Apr 2022, C. grafana/doom-datasource, CallowBlack/genshin-cheat, pqlx/CVE-2022-1015, NV… twitter.com/i/web/status/1… | 2022-04-07 11:30:03 |
| @angsuman |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-04-08 04:45:15 |
| @techadversary |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation reddit.com/r/netsec/comme… | 2022-04-25 03:11:32 |
| @CVEreport |
CVE-2022-1015 : A flaw was found in the #Linux #kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subs… twitter.com/i/web/status/1… | 2022-04-29 16:04:29 |
 /r/linux |
[oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak [LWN.net] | 2022-03-29 03:59:37 |
| /r/netsec |
Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation | 2022-03-29 03:35:31 |
| /r/blueteamsec |
CVE-2022-1015: Local privilege escalation PoC for Linux kernel CVE-2022-1015 | 2022-04-02 19:02:37 |
| /r/programming |
GitHub - pqlx/CVE-2022-1015: Local privilege escalation PoC for Linux kernel | 2022-04-03 20:15:18 |
| /r/linkersec |
How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables | 2022-04-04 14:15:31 |
| /r/netcve |
CVE-2022-1015 | 2022-04-29 16:38:31 |