CVE-2022-1016

2022-03-2800:00:00

ubuntu.com

linux kernel

netfilter

use-after-free

information leak

unprivileged attacker

cve-2022-1016

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

15.5%

JSON

A flaw was found in the Linux kernel in
net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a
use-after-free. This issue needs to handle ‘return’ with proper
preconditions, as it can lead to a kernel information leak problem caused
by a local, unprivileged attacker.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-184.194UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-110.124UNKNOWN
ubuntu21.10noarchlinux< 5.13.0-40.45UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-27.28UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-239.273UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1133.143UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1073.78UNKNOWN
ubuntu21.10noarchlinux-aws< 5.13.0-1022.24UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1005.7UNKNOWN
ubuntu22.10noarchlinux-aws< 5.19.0-1001.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< 4.15.0-184.194	UNKNOWN
ubuntu	20.04	noarch	linux	< 5.4.0-110.124	UNKNOWN
ubuntu	21.10	noarch	linux	< 5.13.0-40.45	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-27.28	UNKNOWN
ubuntu	16.04	noarch	linux	< 4.4.0-239.273	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< 4.15.0-1133.143	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1073.78	UNKNOWN
ubuntu	21.10	noarch	linux-aws	< 5.13.0-1022.24	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1005.7	UNKNOWN
ubuntu	22.10	noarch	linux-aws	< 5.19.0-1001.1	UNKNOWN