ID: CVE-2022-32250

Last Modified: May 16, 2023

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

Twitter Activity

Tweets last week: 0

Remaining steady

Yahoo Activity

Yahoo results: 0

Remaining steady

EPSS History

Current EPSS Score: 0.00044

Remaining steady


Reddit Activity

Reddit Posts: 9

Remaining steady

Github Repos

Github Repos: 2

Remaining steady

Exploits

Found exploits:

Attack Vector: Local

Attack Complexity: Low

Privileges Required: Low

User Interaction: None

Scope: Unchanged

Confidentiality: High

Integrity: High

Availability: High

Base Score: 7.8

Exploitability Score: 1.8

Impact Score: 5.9

CVSS V3: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Specialize CVSS-Score

Access Vector: Local

Access Complexity: Low

Authentication: None

Confidentiality Impact: Complete

Integrity Impact: Complete

Availability Impact: Complete

Base Score: 7.2

Exploitability Score: 3.9

Impact Score: 10.0

CVSS V2: AV:L/AC:L/Au:N/C:C/I:C/A:C

Specialize CVSS-Score

CWE-416

Condition Configuration
OR
OR
Alle Schwachstellen für linux
Alle Schwachstellen für linux
Alle Schwachstellen für linux
Alle Schwachstellen für linux
Alle Schwachstellen für linux
Alle Schwachstellen für linux
Alle Schwachstellen für linux
Alle Schwachstellen für linux
Condition Configuration
OR
OR
Alle Schwachstellen für fedoraproject
Alle Schwachstellen für fedoraproject
Condition Configuration
OR
OR
Alle Schwachstellen für debian
Alle Schwachstellen für debian
Condition Configuration
AND
OR
OR
Alle Schwachstellen für netapp
OR
OR
Alle Schwachstellen für netapp
Condition Configuration
AND
OR
OR
Alle Schwachstellen für netapp
OR
OR
Alle Schwachstellen für netapp
Condition Configuration
AND
OR
OR
Alle Schwachstellen für netapp
OR
OR
Alle Schwachstellen für netapp
Condition Configuration
AND
OR
OR
Alle Schwachstellen für netapp
OR
OR
Alle Schwachstellen für netapp
Condition Configuration
AND
OR
OR
Alle Schwachstellen für netapp
OR
OR
Alle Schwachstellen für netapp
Date: May 16, 2023

CWE-ID: Not defined
Base Score V2: Not defined
Exploitability Score V2: Not defined
Impact Score V2: Not defined
Base Score V3: Not defined
Exploitability Score V3: Not defined
Impact Score V3: Not defined
Cvss Vector V2: Not defined
Cvss Vector V3: Not defined
Configuration:
added:
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Reference:
added:
https://www.debian.org/security/2022/dsa-5161
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIZTJOJCVVEJVOQSCHE6IJQKMPISHQ5L/
https://bugzilla.redhat.com/show_bug.cgi?id=2092427
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6Y3TC4WUUNKRP7OQA26OVTZTPCS6F2/
http://www.openwall.com/lists/oss-security/2022/06/20/1
https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html
http://www.openwall.com/lists/oss-security/2022/07/03/6
http://www.openwall.com/lists/oss-security/2022/07/03/5
https://www.debian.org/security/2022/dsa-5173
https://security.netapp.com/advisory/ntap-20220715-0005/
http://www.openwall.com/lists/oss-security/2022/08/25/1
https://github.com/theori-io/CVE-2022-32250-exploit
https://blog.theori.io/research/CVE-2022-32250-linux-kernel-lpe-2022/
http://www.openwall.com/lists/oss-security/2022/09/02/9



                    <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <set operator="or">
            <prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
        </set>
        <set operator="or">
            <prop key="operating_system" value="cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*"/>
        </set>
        <set operator="or">
            <prop key="operating_system" value="cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"/>
        </set>
        <set operator="and">
            <set operator="or">
                <prop key="operating_system" value="cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*"/>
            </set>
            <set operator="or">
                <prop key="device" value="cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*"/>
            </set>
        </set>
        <set operator="and">
            <set operator="or">
                <prop key="operating_system" value="cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*"/>
            </set>
            <set operator="or">
                <prop key="device" value="cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*"/>
            </set>
        </set>
        <set operator="and">
            <set operator="or">
                <prop key="operating_system" value="cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*"/>
            </set>
            <set operator="or">
                <prop key="device" value="cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*"/>
            </set>
        </set>
        <set operator="and">
            <set operator="or">
                <prop key="operating_system" value="cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*"/>
            </set>
            <set operator="or">
                <prop key="device" value="cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*"/>
            </set>
        </set>
        <set operator="and">
            <set operator="or">
                <prop key="operating_system" value="cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*"/>
            </set>
            <set operator="or">
                <prop key="device" value="cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*"/>
            </set>
        </set>
    </set>
    <prop key="program_influence" value="input"/>
    <prop key="range" value="local"/>
</set>

                  
                      <?xml version="1.0" ?>
<set operator="and">
    <prop key="target" value="host"/>
    <set operator="or">
        <prop key="program_influence" value="input"/>
        <prop key="program_influence" value="output"/>
        <prop key="program_influence" value="existence"/>
    </set>
    <prop key="data" value="any"/>
    <set operator="or">
        <prop key="data_influence" value="read"/>
        <prop key="data_influence" value="write"/>
        <prop key="data_influence" value="delete"/>
    </set>
    <set operator="or">
        <prop key="range" value="local"/>
        <prop key="range" value="local"/>
    </set>
</set>