CVE-2022-1966

Опубликовано: 01 окт. 2025

Источник: msrc

Описание

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

FAQ

Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?

One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.

Связанные уязвимости

CVE-2022-1966

ubuntu

больше 3 лет назад

CVE-2022-1966

redhat

больше 3 лет назад

[REJECTED CVE] A use-after-free vulnerability has been identified in the Linux Kernel's netfilter subsystem that did not properly handle the removal of stateful expressions in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

CVE-2022-1966

nvd

больше 3 лет назад

GHSA-vvhx-j2jp-rqhf

CVSS3: 7.8

github

больше 3 лет назад

A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue.

BDU:2022-03922

CVSS3: 7.8

fstec

больше 3 лет назад

Уязвимость компонента net/netfilter/nf_tables_api.c подсистемы netfilter ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии до уровня root