All the vulnerabilites related to The Linux Kernel Organization - linux
cve-2022-2585
Vulnerability from cvelistv5
Published
2024-01-08 17:38
Modified
2024-09-04 19:03
Severity ?
EPSS score ?
Summary
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
References
▼ | URL | Tags |
---|---|---|
https://ubuntu.com/security/notices/USN-5566-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5564-1 | third-party-advisory | |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585 | issue-tracking | |
https://ubuntu.com/security/notices/USN-5567-1 | third-party-advisory | |
https://lore.kernel.org/lkml/20220809170751.164716-1-cascardo@canonical.com/T/#u | issue-tracking | |
https://www.openwall.com/lists/oss-security/2022/08/09/7 | issue-tracking | |
https://ubuntu.com/security/notices/USN-5565-1 | third-party-advisory |
Impacted products
▼ | Vendor | Product |
---|---|---|
The Linux Kernel Organization | linux |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:08.282Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5566-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5564-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5567-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://lore.kernel.org/lkml/20220809170751.164716-1-cascardo@canonical.com/T/#u" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/7" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5565-1" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-2585", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-02T17:22:39.159224Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-04T19:03:25.626Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "packageName": "linux", "platforms": [ "Linux" ], "product": "linux", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "vendor": "The Linux Kernel Organization", "versions": [ { "lessThan": "6.0~rc1", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "An independent security researcher working with SSD Secure Disclosure" } ], "descriptions": [ { "lang": "en", "value": "It was discovered that when exec\u0027ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-08T17:38:27.327Z", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5566-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5564-1" }, { "tags": [ "issue-tracking" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5567-1" }, { "tags": [ "issue-tracking" ], "url": "https://lore.kernel.org/lkml/20220809170751.164716-1-cascardo@canonical.com/T/#u" }, { "tags": [ "issue-tracking" ], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/7" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5565-1" } ] } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2022-2585", "datePublished": "2024-01-08T17:38:27.327Z", "dateReserved": "2022-07-29T21:59:31.316Z", "dateUpdated": "2024-09-04T19:03:25.626Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1032
Vulnerability from cvelistv5
Published
2024-01-08 18:11
Modified
2024-08-27 15:48
Severity ?
EPSS score ?
Summary
The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.
References
▼ | URL | Tags |
---|---|---|
https://www.openwall.com/lists/oss-security/2023/03/13/2 | issue-tracking | |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1032 | issue-tracking | |
https://ubuntu.com/security/notices/USN-6033-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-6024-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5977-1 | third-party-advisory |
Impacted products
▼ | Vendor | Product |
---|---|---|
The Linux Kernel Organization | linux |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:32:46.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/03/13/2" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1032" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-6033-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-6024-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5977-1" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-1032", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-27T15:47:40.301600Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-27T15:48:22.031Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "packageName": "linux", "platforms": [ "Linux" ], "product": "linux", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "vendor": "The Linux Kernel Organization", "versions": [ { "lessThan": "6.3~rc2", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thadeu Cascardo" } ], "descriptions": [ { "lang": "en", "value": "The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-415", "description": "CWE-415", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-08T18:11:31.951Z", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "tags": [ "issue-tracking" ], "url": "https://www.openwall.com/lists/oss-security/2023/03/13/2" }, { "tags": [ "issue-tracking" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1032" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-6033-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-6024-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5977-1" } ] } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2023-1032", "datePublished": "2024-01-08T18:11:31.951Z", "dateReserved": "2023-02-24T23:38:08.581Z", "dateUpdated": "2024-08-27T15:48:22.031Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6040
Vulnerability from cvelistv5
Published
2024-01-12 01:37
Modified
2024-08-02 08:21
Severity ?
EPSS score ?
Summary
An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family)
References
Impacted products
▼ | Vendor | Product |
---|---|---|
The Linux Kernel Organization | linux |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:21:17.118Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040" }, { "tags": [ "mailing-list", "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2024/01/12/1" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/12/1" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "packageName": "linux", "platforms": [ "Linux" ], "product": "linux", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "vendor": "The Linux Kernel Organization", "versions": [ { "lessThan": "5.18-rc1", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Lin Ma from Ant Security Light-Year Lab \u0026 ZJU" } ], "descriptions": [ { "lang": "en", "value": "An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-12T01:37:45.387Z", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "tags": [ "issue-tracking" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040" }, { "tags": [ "mailing-list" ], "url": "https://www.openwall.com/lists/oss-security/2024/01/12/1" }, { "url": "http://www.openwall.com/lists/oss-security/2024/01/12/1" }, { "url": "http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "title": "An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family)", "workarounds": [ { "lang": "en", "value": "Disabling unprivileged user namespaces mitigates the issue." } ] } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2023-6040", "datePublished": "2024-01-12T01:37:45.387Z", "dateReserved": "2023-11-08T20:12:50.288Z", "dateUpdated": "2024-08-02T08:21:17.118Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2602
Vulnerability from cvelistv5
Published
2024-01-08 17:56
Modified
2024-08-03 00:46
Severity ?
EPSS score ?
Summary
io_uring UAF, Unix SCM garbage collection
References
▼ | URL | Tags |
---|---|---|
https://ubuntu.com/security/notices/USN-5692-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5752-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5693-1 | third-party-advisory | |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602 | issue-tracking | |
https://ubuntu.com/security/notices/USN-5691-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5700-1 | third-party-advisory | |
http://packetstormsecurity.com/files/176533/Linux-Broken-Unix-GC-Interaction-Use-After-Free.html |
Impacted products
▼ | Vendor | Product |
---|---|---|
The Linux Kernel Organization | linux |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:46:03.143Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5692-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5752-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5693-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5691-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5700-1" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/176533/Linux-Broken-Unix-GC-Interaction-Use-After-Free.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "packageName": "linux", "platforms": [ "Linux" ], "product": "linux", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "vendor": "The Linux Kernel Organization", "versions": [ { "lessThan": "6.1~rc1", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "David Bouman" }, { "lang": "en", "type": "finder", "value": "Billy Jheng Bing Jhong working with Trend Micro\u0027s Zero Day Initiative" } ], "descriptions": [ { "lang": "en", "value": "io_uring UAF, Unix SCM garbage collection" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-08T17:56:16.403Z", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5692-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5752-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5693-1" }, { "tags": [ "issue-tracking" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5691-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5700-1" }, { "url": "http://packetstormsecurity.com/files/176533/Linux-Broken-Unix-GC-Interaction-Use-After-Free.html" } ] } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2022-2602", "datePublished": "2024-01-08T17:56:16.403Z", "dateReserved": "2022-08-01T19:49:01.609Z", "dateUpdated": "2024-08-03T00:46:03.143Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3600
Vulnerability from cvelistv5
Published
2024-01-08 18:16
Modified
2024-09-04 15:38
Severity ?
EPSS score ?
Summary
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.
References
▼ | URL | Tags |
---|---|---|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600 | issue-tracking | |
https://ubuntu.com/security/notices/USN-5003-1 | third-party-advisory | |
https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90 | issue-tracking |
Impacted products
▼ | Vendor | Product |
---|---|---|
The Linux Kernel Organization | linux |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:01:07.551Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5003-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-3600", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-03-13T19:37:54.684327Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-04T15:38:28.022Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "packageName": "linux", "platforms": [ "Linux" ], "product": "linux", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "vendor": "The Linux Kernel Organization", "versions": [ { "lessThan": "5.11", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "providerMetadata": { "dateUpdated": "2024-01-08T18:16:42.087Z", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "tags": [ "issue-tracking" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5003-1" }, { "tags": [ "issue-tracking" ], "url": "https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90" } ] } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2021-3600", "datePublished": "2024-01-08T18:16:42.087Z", "dateReserved": "2021-06-12T00:16:40.778Z", "dateUpdated": "2024-09-04T15:38:28.022Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2586
Vulnerability from cvelistv5
Published
2024-01-08 17:46
Modified
2024-08-19 07:48
Severity ?
EPSS score ?
Summary
It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.
References
▼ | URL | Tags |
---|---|---|
https://ubuntu.com/security/notices/USN-5564-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5560-2 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5582-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5567-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5560-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5566-1 | third-party-advisory | |
https://www.openwall.com/lists/oss-security/2022/08/09/5 | issue-tracking | |
https://ubuntu.com/security/notices/USN-5565-1 | third-party-advisory | |
https://www.zerodayinitiative.com/advisories/ZDI-22-1118/ | issue-tracking | |
https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t | issue-tracking | |
https://ubuntu.com/security/notices/USN-5562-1 | third-party-advisory | |
https://ubuntu.com/security/notices/USN-5557-1 | third-party-advisory | |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586 | issue-tracking |
Impacted products
▼ | Vendor | Product |
---|---|---|
The Linux Kernel Organization | linux |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "6.0-rc1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2022-2586", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-26T15:34:35.432398Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2024-06-26", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json" }, "type": "kev" } } ], "providerMetadata": { "dateUpdated": "2024-06-26T16:20:22.577Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2024-06-26T00:00:00+00:00", "value": "CVE-2022-2586 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-19T07:48:13.351Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5564-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5560-2" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5582-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5567-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5560-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5566-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/5" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5565-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1118/" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5562-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5557-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586" }, { "url": "https://www.vicarius.io/vsociety/posts/use-after-free-vulnerability-linked-chain-between-nft-tables-cve-2022-2586" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "packageName": "linux", "platforms": [ "Linux" ], "product": "linux", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "vendor": "The Linux Kernel Organization", "versions": [ { "lessThan": "6.0~rc1", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Team Orca of Sea Security (@seasecresponse) working with Trend Micro\u0027s Zero Day Initiative" } ], "descriptions": [ { "lang": "en", "value": "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-08T17:46:06.110Z", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5564-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5560-2" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5582-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5567-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5560-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5566-1" }, { "tags": [ "issue-tracking" ], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/5" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5565-1" }, { "tags": [ "issue-tracking" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1118/" }, { "tags": [ "issue-tracking" ], "url": "https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5562-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5557-1" }, { "tags": [ "issue-tracking" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586" } ] } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2022-2586", "datePublished": "2024-01-08T17:46:06.110Z", "dateReserved": "2022-07-29T22:01:19.576Z", "dateUpdated": "2024-08-19T07:48:13.351Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2588
Vulnerability from cvelistv5
Published
2024-01-08 17:50
Modified
2024-08-03 00:39
Severity ?
EPSS score ?
Summary
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
The Linux Kernel Organization | linux |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:08.044Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5565-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5562-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/6" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5582-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5564-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5566-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1117/" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5588-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5560-1" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://github.com/Markakd/CVE-2022-2588" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5567-1" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5560-2" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://ubuntu.com/security/notices/USN-5557-1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "packageName": "linux", "platforms": [ "Linux" ], "product": "linux", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "vendor": "The Linux Kernel Organization", "versions": [ { "lessThan": "6.0~rc1", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Zhenpeng Lin working with Trend Micro\u0027s Zero Day Initiative" } ], "descriptions": [ { "lang": "en", "value": "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-08T17:50:47.948Z", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5565-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5562-1" }, { "tags": [ "issue-tracking" ], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/6" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5582-1" }, { "tags": [ "issue-tracking" ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5564-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5566-1" }, { "tags": [ "issue-tracking" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1117/" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5588-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5560-1" }, { "tags": [ "issue-tracking" ], "url": "https://github.com/Markakd/CVE-2022-2588" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5567-1" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5560-2" }, { "tags": [ "issue-tracking" ], "url": "https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u" }, { "tags": [ "third-party-advisory" ], "url": "https://ubuntu.com/security/notices/USN-5557-1" } ] } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2022-2588", "datePublished": "2024-01-08T17:50:47.948Z", "dateReserved": "2022-07-29T23:41:31.412Z", "dateUpdated": "2024-08-03T00:39:08.044Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }