PT-2022-1992 · Linux+10 · Linux Kernel+10
Valis · Published 2022-03-07 · Updated 2025-09-29
CVE-2022-27666
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.16.15
Linux kernel versions prior to 5.17
Description
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. The vulnerability can be exploited by sending a large message, allowing the attacker to gain root privileges via modprobe path overwrite. Technical details about exploitation include page-level heap fengshui to gain page alloc-to-slab overflow, constructing arbitrary read/write using the msg_msg kernel object.
Recommendations
For Linux kernel versions prior to 5.16.15, update to version 5.16.15 or later to resolve the issue.
For Linux kernel versions prior to 5.17, update to version 5.17 or later to resolve the issue.
As a temporary workaround, consider disabling the vulnerable esp4 and esp6 modules until a patch is available.
Restrict access to the vulnerable net/ipv4/esp4.c and net/ipv6/esp6.c files to minimize the risk of exploitation.
Avoid using the msg_msg kernel object in the affected API endpoints until the issue is resolved.
Exploit
Fix
DoS
LPE
Buffer Overflow
Memory Corruption
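The version threshold and the esp4/esp6 workaround from the recommendations above, as an added triage example that is not part of the original advisory. Function names and the sample module lines are constructed; the comparison uses only the upstream 5.16.15 threshold stated on this page, so a distribution kernel with a backported fix is still flagged and must be checked against the vendor's advisory.

```shell
#!/bin/sh
# Added example: host triage for CVE-2022-27666 using the advisory's threshold.
FIXED=5.16.15   # from the advisory; vendor kernels may backport the fix

# ver_lt A B: succeed when upstream version A is strictly older than B.
ver_lt() {
    awk -v a="${1%%[!0-9.]*}" -v b="${2%%[!0-9.]*}" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not "older"
    }'
}

# loaded_esp FILE: names of esp4/esp6 found in a /proc/modules-format file.
loaded_esp() {
    awk '$1 == "esp4" || $1 == "esp6" { print $1 }' "${1:-/proc/modules}" |
        sort | paste -sd' ' -
}

# triage RELEASE FILE: verdict plus any loaded ESP modules.
triage() {
    if ! ver_lt "$1" "$FIXED"; then echo "not-flagged"; return; fi
    mods=$(loaded_esp "$2")
    if [ -n "$mods" ]; then echo "flagged loaded: $mods"
    else echo "flagged not-loaded"; fi   # may still autoload or be built in
}

# workaround_conf: modprobe.d lines that stop esp4/esp6 from loading.
# This disables IPsec ESP on the host until the kernel is updated.
workaround_conf() {
    printf 'install %s /bin/false\n' esp4 esp6
}

# Constructed sample input (not from a real host).
sample=$(mktemp)
printf '%s\n' 'esp6 20480 0 - Live 0x0' 'xfrm_user 40960 1 - Live 0x0' \
    'esp4 24576 2 - Live 0x0' > "$sample"
triage "5.16.14" "$sample"   # flagged loaded: esp4 esp6
triage "5.17.0" "$sample"    # not-flagged
workaround_conf              # review, then place in a file under /etc/modprobe.d/
rm -f "$sample"
```

On a live host, call `triage "$(uname -r)" /proc/modules`; modules compiled into the kernel do not appear in /proc/modules and are not affected by the modprobe.d lines.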
Affected Products
ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu