CVE-2022-25636
Published Feb 24, 2022
Last updated a year ago
Overview
- Description
- net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-269
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3EC14C1-75C4-4ECD-94D3-EB9151F1007E",
"versionEndExcluding": "5.4.182",
"versionStartIncluding": "5.4"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A95B717-3110-4D4F-B8FC-373919BB514D",
"versionEndExcluding": "5.10.103",
"versionStartIncluding": "5.5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9AB342AE-A62E-4947-A6EA-511453062B2B",
"versionEndExcluding": "5.15.26",
"versionStartIncluding": "5.11"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C76BAB21-7F23-4AD8-A25F-CA7B262A2698",
"versionEndExcluding": "5.16.12",
"versionStartIncluding": "5.16"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E"
},
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"
},
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F"
},
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"
},
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8"
},
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"
},
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102"
},
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56"
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838"
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA"
}
],
"operator": "OR"
}
]
}
]