CVE-2022-2588

Опубликовано: 09 авг. 2022

Источник: redhat

CVSS3: 7.8

Описание

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	kernel	Affected
Red Hat Enterprise Linux 9	kernel	Not affected
Red Hat Enterprise Linux 9	kernel-rt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Fixed	RHSA-2022:7338	02.11.2022
Red Hat Enterprise Linux 7	kernel	Fixed	RHSA-2022:7337	02.11.2022
Red Hat Enterprise Linux 7	kpatch-patch	Fixed	RHSA-2022:7344	02.11.2022
Red Hat Enterprise Linux 7.4 Advanced Update Support	kernel	Fixed	RHSA-2022:7146	25.10.2022
Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)	kernel	Fixed	RHSA-2022:7171	25.10.2022
Red Hat Enterprise Linux 7.6 Telco Extended Update Support	kernel	Fixed	RHSA-2022:7171	25.10.2022
Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions	kernel	Fixed	RHSA-2022:7171	25.10.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=2114849kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

7.8 High

CVSS3

Связанные уязвимости

CVE-2022-2588

CVSS3: 5.3

ubuntu

больше 1 года назад

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

CVE-2022-2588

CVSS3: 5.3

nvd

больше 1 года назад

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.