CVE-2022-1016

Published on: Not Yet Published

Last Modified on: 02/12/2023 10:15:00 PM UTC

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Certain versions of Linux Kernel from Linux contain the following vulnerability:

A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.

  • CVE-2022-1016 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 5.5 - MEDIUM

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: NONE
  • Availability Impact: NONE

CVE References

Description | Tags | Link
2066614 – (CVE-2022-1016) CVE-2022-1016 kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM | MISC | bugzilla.redhat.com/show_bug.cgi?id=2066614
Red Hat Customer Portal - Access to 24x7 support and knowledge | MISC | access.redhat.com/security/cve/CVE-2022-1016
How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables · David's Blog | MISC | blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/
oss-sec: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak | MISC | seclists.org/oss-sec/2022/q1/205
Red Hat Customer Portal - Access to 24x7 support and knowledge | MISC | access.redhat.com/errata/RHSA-2022:7933
Red Hat Customer Portal - Access to 24x7 support and knowledge | MISC | access.redhat.com/errata/RHSA-2022:8267
Red Hat Customer Portal - Access to 24x7 support and knowledge | MISC | access.redhat.com/errata/RHSA-2022:7444
Red Hat Customer Portal - Access to 24x7 support and knowledge | MISC | access.redhat.com/errata/RHSA-2022:7683

Related QID Numbers

  • 159743 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9266)
  • 159744 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9267)
  • 159749 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9270)
  • 159750 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9271)
  • 159754 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9274)
  • 159755 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9273)
  • 159760 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9314)
  • 159763 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9313)
  • 159777 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9348)
  • 159785 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9368)
  • 159788 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9365)
  • 160210 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-7683)
  • 160270 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-8267)
  • 179258 Debian Security Update for linux (DSA 5127-1)
  • 180282 Debian Security Update for linux (DLA 3065-1)
  • 180605 Debian Security Update for linux (DSA 5173-1)
  • 198745 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5383-1)
  • 198747 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5381-1)
  • 198767 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5390-1)
  • 198770 Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5390-2)
  • 198785 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5415-1)
  • 198825 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5466-1)
  • 240815 Red Hat Update for kernel-rt (RHSA-2022:7444)
  • 240817 Red Hat Update for kernel security (RHSA-2022:7683)
  • 240869 Red Hat Update for kernel-rt (RHSA-2022:7933)
  • 240904 Red Hat Update for kernel security (RHSA-2022:8267)
  • 353211 Amazon Linux Security Advisory for kernel : ALAS-2022-1577
  • 353212 Amazon Linux Security Advisory for kernel : ALAS2-2022-1768
  • 353213 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-024
  • 353214 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2022-012
  • 353964 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2022-001
  • 354327 Amazon Linux Security Advisory for kernel : ALAS2022-2022-083
  • 354468 Amazon Linux Security Advisory for kernel : ALAS2022-2022-185
  • 354499 Amazon Linux Security Advisory for kernel : ALAS2022-2022-042
  • 354542 Amazon Linux Security Advisory for kernel : ALAS-2022-185
  • 355199 Amazon Linux Security Advisory for kernel : ALAS2023-2023-070
  • 376925 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0125)
  • 377124 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0029)
  • 377181 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2022:0022)
  • 390261 Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2022-0014)
  • 671771 EulerOS Security Update for kernel (EulerOS-SA-2022-1829)
  • 671774 EulerOS Security Update for kernel (EulerOS-SA-2022-1817)
  • 671817 EulerOS Security Update for kernel (EulerOS-SA-2022-1868)
  • 671862 EulerOS Security Update for kernel (EulerOS-SA-2022-1896)
  • 671870 EulerOS Security Update for kernel (EulerOS-SA-2022-1934)
  • 671915 EulerOS Security Update for kernel (EulerOS-SA-2022-1969)
  • 752036 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1183-1)
  • 752039 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1196-1)
  • 752042 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1197-1)
  • 752048 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1266-1)
  • 752052 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1255-1)
  • 752053 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1267-1)
  • 752056 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1270-1)
  • 752058 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1256-1)
  • 752081 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 43 for SLE 12 SP3) (SUSE-SU-2022:1440-1)
  • 752370 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2520-1)
  • 753137 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 15 for SLE 15 SP3) (SUSE-SU-2022:1453-1)
  • 753148 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2615-1)
  • 753273 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 28 for SLE 15) (SUSE-SU-2022:1329-1)
  • 753287 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 29 for SLE 15 SP1) (SUSE-SU-2022:1335-1)
  • 753330 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 0 for SLE 15 SP4) (SUSE-SU-2022:2268-1)
  • 753373 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1257-1)
  • 753390 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 14 for SLE 15 SP3) (SUSE-SU-2022:1326-1)
  • 753417 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1163-1)
  • 753427 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1407-1)
  • 753445 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 12 for SLE 15 SP3) (SUSE-SU-2022:1369-1)
  • 903810 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (10857)
  • 904260 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (10857-1)
  • 904794 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (12127)
  • 905203 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (12127-1)
  • 905820 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (12127-2)
  • 906515 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (10857-2)
  • 940732 AlmaLinux Security Update for kernel (ALSA-2022:7683)
  • 940766 AlmaLinux Security Update for kernel-rt (ALSA-2022:7444)
  • 940798 AlmaLinux Security Update for kernel (ALSA-2022:8267)
  • 940843 AlmaLinux Security Update for kernel-rt (ALSA-2022:7933)
  • 960176 Rocky Linux Security Update for kernel-rt (RLSA-2022:7444)
  • 960184 Rocky Linux Security Update for kernel (RLSA-2022:7683)

Known Affected Configurations (CPE V2.3)

Type | Vendor | Product | Version | Update | Edition | Language
Operating System | Linux | Linux Kernel | 3.13 | rc1 | All | All
Operating System | Linux | Linux Kernel | All | All | All | All
Operating System | Linux | Linux Kernel | All | All | All | All
Operating System | Redhat | Enterprise Linux | 8.0 | All | All | All
Operating System | Redhat | Enterprise Linux | 9.0 | All | All | All

  • cpe:2.3:o:linux:linux_kernel:3.13:rc1:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Social Mentions

Source | Title | Posted (UTC)
Twitter | @grsecurity Our independent backport process already identified the commits fixing CVE-2022-1015 and CVE-2022-1016 and were bac… twitter.com/i/web/status/1… | 2022-03-28 20:52:50
Twitter | @andersonc0d3 Linux kernel: CVE-2022-1015, CVE-2022-1016 in nf_tables cause privilege escalation, information leak seclists.org/oss-sec/2022/q… | 2022-03-28 21:14:08
Twitter | @oss_security Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak: Posted by Davi… twitter.com/i/web/status/1… | 2022-03-28 21:59:32
Twitter | @gaetanoz [oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak… twitter.com/i/web/status/1… | 2022-03-28 23:46:35
Twitter | @masami256 Easy to understand? oss-security - Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, informat… twitter.com/i/web/status/1… | 2022-03-28 23:50:06
Twitter | @TechTweetBot Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-03-29 02:24:17
Twitter | @hn_frontpage Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation L: lwn.net/ml/oss-securit… C: news.ycombinator.com/item?id=308380… | 2022-03-29 02:58:21
Twitter | @hncynic Title: Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation ?: groups.google.com/forum/#!topic/… | 2022-03-29 02:58:30
Twitter | @HNTweets Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation: lwn.net/ml/oss-securit… Comments: news.ycombinator.com/item?id=308380… | 2022-03-29 03:00:02
Twitter | @winsontang Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-03-29 03:01:01
Twitter | @radoncnotes Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation ift.tt/3OBDich 5 | 2022-03-29 03:01:02
Twitter | @tammeke140674 Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation ift.tt/3OBDich 5 | 2022-03-29 03:03:41
Twitter | @knelsonvsi Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation ift.tt/3OBDich 5 | 2022-03-29 03:03:57
Twitter | @HackerNewsTop10 Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation Link: lwn.net/ml/oss-securit… Comm… twitter.com/i/web/status/1… | 2022-03-29 03:21:22
Twitter | @Hacker__News Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation #osssecurity #lwnnet #privilege… twitter.com/i/web/status/1… | 2022-03-29 03:25:41
Twitter | @_r_netsec Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-03-29 03:43:07
Twitter | @betterhn20 Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… (news.ycombinator.com/item?id=308380…) | 2022-03-29 03:46:06
Twitter | @CybrXx0 Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation via /r/netsec… twitter.com/i/web/status/1… | 2022-03-29 04:00:09
Twitter | @newsycombinator Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-03-29 04:01:11
Twitter | @Myinfosecfeed New post: "Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation" ift.tt/s8nyXJt | 2022-03-29 04:48:43
Twitter | @cyberkendra CVE-2022-1015,CVE-2022-1016: #Linux Kernel Privilege Escalation bug.cyberkendra.com/2022/03/29/cve… #cybersecurity #security #vulnerability | 2022-03-29 05:33:05
Twitter | @blackyoup CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak seclists.org/oss-sec/2022/q… #Linux | 2022-03-29 06:02:00
Twitter | @nixcraft Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak openwall.com/lists/oss-secu… | 2022-03-29 06:08:17
Twitter | @beingsheerazali Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… _r_netsec | 2022-03-29 07:10:57
Twitter | @stepcellwolf another #patching day [oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalat… twitter.com/i/web/status/1… | 2022-03-29 07:36:38
Twitter | @ipssignatures The vuln CVE-2022-1016 has a tweet created 0 days ago and retweeted 14 times. twitter.com/andersonc0d3/s… #pow1rtrtwwcve | 2022-03-29 08:06:01
Twitter | @Linda_pp Local privilege escalation vulnerabilities in Linux nf_tables (CVE-2022-1015, CVE-2022-1016) seclists.org/oss-sec/2022/q… | 2022-03-29 11:45:41
Twitter | @jschauma New local priv escalation CVE-2022-1015, information disclosure CVE-2022-1016 vulnerabilities:… twitter.com/i/web/status/1… | 2022-03-29 11:47:55
Twitter | @Efrain_AI Linux kernel: CVE-2022-1015,CVE-2022-1016 openwall.com/lists/oss-secu… | 2022-03-29 11:51:56
Twitter | @abclinuxu Security bugs CVE-2022-1015 and CVE-2022-1016 in Linux in nf_tables abclinuxu.cz/zpravicky/bezp… | 2022-03-29 12:26:31
Twitter | @FOSSForce [oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak… twitter.com/i/web/status/1… | 2022-03-29 12:48:00
Twitter | @ipssignatures The vuln CVE-2022-1016 has a tweet created 0 days ago and retweeted 12 times. twitter.com/_r_netsec/stat… #pow1rtrtwwcve | 2022-03-29 14:06:01
Twitter | @Har_sia CVE-2022-1016 har-sia.info/CVE-2022-1016.… #HarsiaInfo | 2022-03-29 23:00:40
Twitter | @digeex_security [oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak… twitter.com/i/web/status/1… | 2022-03-30 10:28:17
Twitter | @DigitalCarpent2 cve-2022-1016 | 2022-03-30 13:00:24
Twitter | @secalertsasia oss-sec: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak… twitter.com/i/web/status/1… | 2022-04-03 00:38:14
Twitter | @sidfm_jp Information leak issue in Linux Kernel Netfilter processing (CVE-2022-1016) [41760] sid.softek.jp/content/show/4… #SIDfm #脆弱性情報 | 2022-04-07 02:30:05
Twitter | @angsuman Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation lwn.net/ml/oss-securit… | 2022-04-08 04:45:15
Twitter | @techadversary Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation reddit.com/r/netsec/comme… | 2022-04-25 03:11:32
Twitter | @reverseame [oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak lwn.net/ml/oss-securit… | 2022-05-09 10:07:06
Twitter | @oss_security Re: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak: Posted by… twitter.com/i/web/status/1… | 2022-08-25 16:34:03
Twitter | @0xor0ne Very well done writeup about Linux kernel exploitation by @pqlqpql. CVE-2022-1016 used to leak kernel data CVE-20… twitter.com/i/web/status/1… | 2022-08-27 18:30:07
Twitter | @CVEreport CVE-2022-1016 : A flaw was found in the #Linux #kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can ca… twitter.com/i/web/status/1… | 2022-08-29 15:12:26
Reddit | /r/linux [oss-security] Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak [LWN.net] | 2022-03-29 03:59:37
Reddit | /r/netsec Linux kernel CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation | 2022-03-29 03:35:31
Reddit | /r/netcve CVE-2022-1016 | 2022-08-29 16:38:39
Reddit | /r/synology DSM Version: 7.2-64561 | 2023-05-22 03:16:44

© CVE.report 2023
