CVE-2022-25636

Description from NVD

net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.

Information Acquisition Date:2022-03-31T16:40Z
CVSS 2.0: 6.9 MEDIUM CVSS 3.x: 7.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:L/AC:M/Au:N/C:C/I:C/A:C

NVD References

 https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6
     source:MISC
     tags:Patch    Vendor Advisory    
 https://www.openwall.com/lists/oss-security/2022/02/21/2
     source:MISC
     tags:Exploit    Mailing List    Third Party Advisory    
 [oss-security] 20220222 Re: Linux kernel: heap out of bounds write in nf_dup_netdev.c since 5.4
     source:MLIST
     tags:Mailing List    Patch    Third Party Advisory    
 DSA-5095
     source:DEBIAN
     tags:
 https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
     source:MISC
     tags:
 https://github.com/Bonfee/CVE-2022-25636
     source:MISC
     tags:
 http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html
     source:MISC
     tags:
 https://security.netapp.com/advisory/ntap-20220325-0002/
     source:CONFIRM
     tags:

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URLNum of Times Referred to
https://cvetrends.com48
https://www.willsroot.io/2022/01/cve-2022-0185.html7
https://thehackernews.com/2022/03/new-linux-bug-in-netfilte...7
https://github.com/Bonfee/CVE-2022-256364
https://twitter.com/jingbay/status/15039026288661463074
https://news.ycombinator.com/item?id=306531374
https://ift.tt/pbn2qKa3
https://nickgregory.me/linux/security/2022/03/12/cve-2022-2...3
https://google.github.io/security-research/pocs/linux/cve-2...3
https://access.redhat.com/security/cve/CVE-2022-256363

Information from Twitter

User URL Info Source Date
WolfgangSesin http://www.sesin.at Source WolfgangSesin    1629179482312437760 2023/02/25
WolfgangSesin https://www.sesin.at/2023/02/24/cve-2022-25636-baseboard_ma... Source WolfgangSesin    1629179482312437760 2023/02/25
www_sesin_at http://www.sesin.at Source www_sesin_at     1629179484900323329 2023/02/25
www_sesin_at https://www.sesin.at/2023/02/24/cve-2022-25636-baseboard_ma... Source www_sesin_at     1629179484900323329 2023/02/25

List of frequently cited URLs

URLNum of Times Referred to
cvetrends.com48
www.willsroot.io7
thehackernews.com7
github.com4
twitter.com4
news.ycombinator.com4
ift.tt3
nickgregory.me3
google.github.io3
access.redhat.com3

Information from Twitter

User URL Info Source
WolfgangSesin sesin.at Show Tweet
WolfgangSesin sesin.at Show Tweet
www_sesin_at sesin.at Show Tweet
www_sesin_at sesin.at Show Tweet
GitHub Search Results: Up to 10
NameURL
Bonfee/CVE-2022-25636 https://github.com/Bonfee/CVE-2022-25636
chenaotian/CVE-2022-25636 https://github.com/chenaotian/CVE-2022-25636
GitHub Search Results: Up to 10
NameURL
Bonfee/CVE-2022-25636 github.com
chenaotian/CVE-2022-25636 github.com
2023/02/25 Score : 2
Added Har-sia Database : 2022/02/22
Last Modified : 2023/02/25
Highest Scored Date : 2022/03/16
Highest Score : 59