Lucene search
Gwangun Jung at THEORIZDI-22-1457HistoryOct 21, 2022 - 12:00 a.m.
Linux Kernel nftables Uninitialized Variable Information Disclosure Vulnerability
2022-10-2100:00:00
Gwangun Jung at THEORI
www.zerodayinitiative.com
8
linux kernel
nftables
uninitialized variable
information disclosure
vulnerability
local attackers
sensitive information
high-privileged code
nft_osf_eval
memory initialization
arbitrary code
kernel
0.0004 Low
EPSS
Percentile
16.1%
This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel.
Related
cvelist
cvelist
CVE-2022-42432
2023-03-29 00:00:00
prion
prion
Design/Logic Flaw
2023-03-29 19:15:00
ubuntucve
ubuntucve
CVE-2022-42432
2023-03-29 00:00:00
nvd
nvd
CVE-2022-42432
2023-03-29 19:15:17
redhatcve
redhatcve
CVE-2022-42432
2023-03-30 09:21:08
debiancve
debiancve
CVE-2022-42432
2023-03-29 19:15:17
veracode
veracode
Use Of Uninitialized Variable
2023-05-01 21:46:13
cve
cve
CVE-2022-42432
2023-03-29 19:15:17
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-037)
2022-10-25 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-021)
2022-10-25 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-009)
2022-10-25 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-4.0-0275
2022-11-04 00:00:00
redhat
redhat
(RHSA-2022:7933) Moderate: kernel-rt security and bug fix update
2022-11-15 06:11:40
(RHSA-2022:8267) Moderate: kernel security, bug fix, and enhancement update
2022-11-15 06:19:55
ics
ics
Siemens SIMATIC S7-1500 TM MFP Linux Kernel
2023-06-15 12:00:00