Lucene search
HistoryAug 29, 2022 - 3:15 p.m.
CVE-2022-1016
linux
kernel
nf_tables
use-after-free
information leak
cve-2022-1016
nvd
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle ‘return’ with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.
Affected configurations
Node
linuxlinux_kernelRange≤3.13
ORlinuxlinux_kernelRange≤5.18
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affects v3.13-rc1 and later, Fixed in v5.18-rc1"
}
]
}
]References
Social References
More
Related
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2022-04-07 00:00:00
Unbreakable Enterprise kernel security update
2022-04-08 00:00:00
Unbreakable Enterprise kernel security update
2022-04-07 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2022-1016)
2023-03-28 00:00:00
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1829)
2022-06-13 00:00:00
debiancve
debiancve
CVE-2022-1016
2022-08-29 15:15:10
prion
prion
Design/Logic Flaw
2022-08-29 15:15:00
veracode
veracode
Denial Of Service (DoS)
2022-05-14 21:02:53
cbl_mariner
cbl_mariner
CVE-2022-1016 affecting package kernel 5.10.189.1-1
2023-01-12 20:55:10
CVE-2022-1016 affecting package kernel for versions less than 5.15.70.1-1
2022-10-17 22:54:53
ubuntucve
ubuntucve
CVE-2022-1016
2022-03-28 00:00:00
nvd
nvd
CVE-2022-1016
2022-08-29 15:15:10
cvelist
cvelist
CVE-2022-1016
2022-08-29 14:03:06
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1817)
2022-06-14 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1829)
2022-06-14 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2075)
2022-07-14 00:00:00
redhatcve
redhatcve
CVE-2022-1016
2022-03-29 03:50:29
amazon
amazon
Important: kernel
2022-04-04 23:21:00
Important: kernel
2022-04-04 23:46:00
Important: kernel
2022-04-04 23:21:00
ubuntu
ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
2022-05-03 00:00:00
Linux kernel vulnerabilities
2022-04-26 00:00:00
Linux kernel vulnerabilities
2022-04-20 00:00:00
osv
osv
linux-raspi vulnerabilities
2022-05-03 21:04:19
photon
photon
Moderate Photon OS Security Update - PHSA-2022-0459
2022-04-01 00:00:00
Important Photon OS Security Update - PHSA-2022-0376
2022-04-01 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0376
2022-04-01 00:00:00
githubexploit
githubexploit
Exploit for CVE-2022-1015
2022-04-02 22:49:40
redhat
redhat
(RHSA-2023:4138) Important: kernel-rt security and bug fix update
2023-07-18 07:24:37
(RHSA-2023:4137) Important: kernel security and bug fix update
2023-07-18 07:24:36
(RHSA-2022:7444) Moderate: kernel-rt security and bug fix update
2022-11-08 06:19:55
mageia
mageia
Updated kernel packages fix security vulnerabilities
2022-03-29 17:25:34
Updated kernel-linus packages fix security vulnerabilities
2022-03-29 17:25:34
redos
redos
ROS-20220413-01
2022-04-13 00:00:00
ibm
ibm
suse
suse
Security update for the Linux Kernel (important)
2022-04-13 00:00:00
Security update for the Linux Kernel (important)
2022-04-19 00:00:00
Security update for the Linux Kernel (important)
2022-04-12 00:00:00
debian
debian
[SECURITY] [DSA 5127-1] linux security update
2022-05-02 21:02:58
[SECURITY] [DLA 3065-1] linux security update
2022-07-01 11:40:50
[SECURITY] [DSA 5173-1] linux security update
2022-07-03 15:49:12
rocky
rocky
kernel-rt security and bug fix update
2022-11-08 06:19:55
kernel security, bug fix, and enhancement update
2022-11-08 06:26:19
almalinux
almalinux
Moderate: kernel-rt security and bug fix update
2022-11-08 00:00:00
Moderate: kernel security, bug fix, and enhancement update
2022-11-08 00:00:00
Moderate: kernel-rt security and bug fix update
2022-11-15 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2022-05-09 21:58:04
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%
Related for CVE-2022-1016