CVE-2022-25636
Published on: Not Yet Published
Last Modified on: 02/24/2023 03:29:00 PM UTC
Certain versions of Debian Linux from Debian contain the following vulnerability:
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
- CVE-2022-25636 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.8 - HIGH
Attack Vector | Attack Complexity | Privileges Required | User Interaction |
---|---|---|---|
LOCAL | LOW | LOW | NONE |

Scope | Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|---|
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 6.9 - MEDIUM
Access Vector | Access Complexity | Authentication |
---|---|---|
LOCAL | MEDIUM | NONE |

Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|
COMPLETE | COMPLETE | COMPLETE |
CVE References
Description | Tags | Link |
---|---|---|
oss-security - Re: Linux kernel: heap out of bounds write in nf_dup_netdev.c since 5.4 | | www.openwall.com text/html |
The Discovery and Exploitation of CVE-2022-25636 · Nick Gregory | | nickgregory.me text/html |
Debian -- Security Information -- DSA-5095-1 linux | | www.debian.org Deprecated Link text/html |
oss-security - Linux kernel: heap out of bounds write in nf_dup_netdev.c since 5.4 | | www.openwall.com text/x-c |
Kernel Live Patch Security Notice LSN-0085-1 ≈ Packet Storm | | packetstormsecurity.com text/html |
CVE-2022-25636 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security | | security.netapp.com text/html |
kernel/git/netfilter/nf.git - Netfilter Group nf tree | | git.kernel.org text/html |
GitHub - Bonfee/CVE-2022-25636: CVE-2022-25636 | | github.com text/html |
Oracle Critical Patch Update Advisory - July 2022 | | www.oracle.com text/html |
Related QID Numbers
- 159647 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9182)
- 159665 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9181)
- 159727 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9245)
- 159729 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9244)
- 159766 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-1550)
- 179115 Debian Security Update for linux (DSA 5095-1)
- 198694 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5317-1)
- 198695 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5318-1)
- 198728 Ubuntu Security Notification for Linux kernel (Intel IOTG) Vulnerabilities (USN-5362-1)
- 240220 Red Hat Update for kernel-rt (RHSA-2022:1413)
- 240221 Red Hat Update for kpatch-patch (RHSA-2022:1418)
- 240224 Red Hat Update for kernel security (RHSA-2022:1455)
- 240237 Red Hat Update for kpatch-patch (RHSA-2022:1535)
- 240243 Red Hat Update for kernel-rt (RHSA-2022:1555)
- 240249 Red Hat Update for kernel (RHSA-2022:1550)
- 353213 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-024
- 353214 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2022-012
- 354468 Amazon Linux Security Advisory for kernel : ALAS2022-2022-185
- 354499 Amazon Linux Security Advisory for kernel : ALAS2022-2022-042
- 354542 Amazon Linux Security Advisory for kernel : ALAS-2022-185
- 355199 Amazon Linux Security Advisory for kernel : ALAS2023-2023-070
- 376925 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0125)
- 377124 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0029)
- 751952 OpenSUSE Security Update for Linux Kernel (openSUSE-SU-2022:1039-1)
- 751956 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:1037-1)
- 752016 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1039-1)
- 753132 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 2 for SLE 15 SP3) (SUSE-SU-2022:0978-1)
- 753289 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 15 for SLE 15 SP3) (SUSE-SU-2022:1034-1)
- 753327 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 13 for SLE 15 SP3) (SUSE-SU-2022:0998-1)
- 753348 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1038-1)
- 753422 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1037-1)
- 753487 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 10 for SLE 15 SP3) (SUSE-SU-2022:0984-1)
- 940484 AlmaLinux Security Update for kernel (ALSA-2022:1550)
- 960120 Rocky Linux Security Update for kernel (RLSA-2022:1550)
- 960121 Rocky Linux Security Update for kernel-rt (RLSA-2022:1555)
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Debian | Debian Linux | 11.0 | All | All | All |
Operating System | Linux | Linux Kernel | All | All | All | All |
Hardware | Netapp | Baseboard Management Controller H300e | - | All | All | All |
Hardware | Netapp | Baseboard Management Controller H300s | - | All | All | All |
Hardware | Netapp | Baseboard Management Controller H410c | - | All | All | All |
Hardware | Netapp | Baseboard Management Controller H410s | - | All | All | All |
Hardware | Netapp | Baseboard Management Controller H500e | - | All | All | All |
Hardware | Netapp | Baseboard Management Controller H500s | - | All | All | All |
Hardware | Netapp | Baseboard Management Controller H700e | - | All | All | All |
Hardware | Netapp | Baseboard Management Controller H700s | - | All | All | All |
Application | Oracle | Communications Cloud Native Core Binding Support Function | 22.1.3 | All | All | All |
Application | Oracle | Communications Cloud Native Core Network Exposure Function | 22.1.1 | All | All | All |
Application | Oracle | Communications Cloud Native Core Policy | 22.2.0 | All | All | All |
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
No vendor comments have been submitted for this CVE