Lucene search
Bien Pham (@bienpnn)ZDI-23-1834HistoryDec 20, 2023 - 12:00 a.m.
Linux Kernel nf_tables_expr_destroy Use-After-Free Privilege Escalation Vulnerability
2023-12-2000:00:00
Bien Pham (@bienpnn)
www.zerodayinitiative.com
13
linux kernel
nf_tables_expr_destroy
use-after-free
privilege escalation
vulnerability
local attackers
arbitrary code
root
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nf_tables_expr_destroy method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.
References
Related
nessus
nessus
RHEL 7 : kpatch-patch (RHSA-2022:5804)
2022-08-02 00:00:00
RHEL 8 : kpatch-patch (RHSA-2022:5641)
2022-07-20 00:00:00
RHEL 8 : kpatch-patch (RHSA-2022:5648)
2022-07-20 00:00:00
prion
prion
Design/Logic Flaw
2022-06-02 21:15:00
Type confusion
2022-07-04 21:15:00
cbl_mariner
cbl_mariner
CVE-2022-32250 affecting package kernel 5.10.117.1-2
2022-07-14 21:00:16
CVE-2022-32250 affecting package kernel for versions less than 5.15.45.1-2
2022-06-26 03:30:03
f5
f5
K000133447 : Linux kernel vulnerability CVE-2022-32250
2023-04-11 00:00:00
redhat
redhat
(RHSA-2022:5805) Important: kernel security update
2022-08-02 06:10:16
(RHSA-2022:5802) Important: kernel security update
2022-08-02 06:09:14
(RHSA-2022:5804) Important: kpatch-patch security update
2022-08-02 06:09:38
githubexploit
githubexploit
Exploit for Use After Free in Linux Linux Kernel
2022-08-24 06:00:47
Exploit for Use After Free in Linux Linux Kernel
2024-06-09 19:53:54
Exploit for Use After Free in Linux Linux Kernel
2023-01-27 14:44:39
cvelist
cvelist
CVE-2022-32250
2022-06-02 20:51:34
CVE-2022-34918
2022-07-04 20:07:32
nvd
nvd
debiancve
debiancve
CVE-2022-32250
2022-06-02 21:15:07
CVE-2022-34918
2022-07-04 21:15:07
redhatcve
redhatcve
CVE-2022-32250
2022-06-07 02:30:38
CVE-2022-1966
2022-06-07 00:27:02
redos
redos
ROS-20220619-01
2022-06-19 00:00:00
cve
cve
ubuntucve
ubuntucve
CVE-2022-32250
2022-06-02 00:00:00
CVE-2022-34918
2022-07-04 00:00:00
osv
osv
Important: kernel security and bug fix update
2022-08-02 07:00:14
Important: kernel security and bug fix update
2022-08-03 00:00:00
Important: kernel-rt security and bug fix update
2022-08-02 00:00:00
almalinux
almalinux
Important: kernel security and bug fix update
2022-08-03 00:00:00
Important: kernel-rt security and bug fix update
2022-08-02 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2022-08-02 07:11:05
kernel security and bug fix update
2022-08-02 07:00:14
oraclelinux
oraclelinux
kernel security and bug fix update
2022-08-08 00:00:00
Unbreakable Enterprise kernel security update
2022-08-02 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2022-08-02 19:42:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0482
2022-06-07 00:00:00
Important Photon OS Security Update - PHSA-2022-0195
2022-06-08 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0195
2022-06-08 00:00:00
openvas
openvas
openSUSE: Security Advisory for the (SUSE-SU-2022:2722-1)
2022-08-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2722-1)
2022-08-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2172-1)
2022-06-27 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2022-08-09 00:00:00
Security update for the Linux Kernel (important)
2022-06-24 00:00:00
Security update for the Linux Kernel (important)
2022-08-10 00:00:00
amazon
amazon
Important: kernel
2022-06-30 23:38:00
Important: kernel
2022-07-06 03:13:00
