by vicarius
log in join community
by @basantSingh007
25 Aug 2023
#cve_analysis

Write a blog analysis for a CVE

publish

Use-After-Free Vulnerability - CVE-2022-32250

by @basantSingh007
by @basantSingh007
25 Aug 2023
#cve_analysis

Write a blog analysis for a CVE

publish

Use-After-Free Vulnerability - CVE-2022-32250

CVEs

CVE-2022-32250
7.8 High Severity

OS

Fedora
FedoraFedoraproject
41.0.1.0.*
40.0.0.0.*
*.*
3334.*
37.*
30.*
40.*
38.*
28.*
31.*
Debian Linux
Debian LinuxDebian
22.04.*
2.5.3-3.*
2.5.3-16.*
2.5.2-1.*
*.*
2.1.8.8.p3-1.1.*
10.10.*
3.0.23.*
12.4.*
3.0.18.*
LK
Linux KernelLinux
6.17.10.*
6.12.60.*
6.17.9.*
6.17.8.*
6.12.58.*
6.12.56.*
6.1.158.*
5.4.301.*
5.15.196.*
5.10.246.*
HF
H410S FirmwareNetapp
-.*
HF
H700S FirmwareNetapp
-.*
HF
H500S FirmwareNetapp
-.*
HF
H300S FirmwareNetapp
-.*
HF
H410C FirmwareNetapp
-.*

Screenshots from the blog posts

images/cll658k0vaa071io84j4sg4ms.jpgimages/cll658k0vaa071io84j4sg4ms.jpg

Summary

CVE-2022-32250 - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

Description

Tags

#CVE-2022-32250#nft_tables#netfilter#nf_tables#UAF
users/photos/clppy146t93zn1hnace5s1c7a.jpg

@basantSingh007

6 posts

Total vcoins

0

Comments (2)