PT-2022-2030 · Linux+5 · Linux Kernel+5
David Bouman · Published 2013-12-03 · Updated 2026-04-05 · CVE-2022-1015
CVSS v3.1: 6.6 (Medium)
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A flaw was found in the netfilter subsystem of the Linux kernel, specifically in the linux/net/netfilter/nf_tables_api.c file. The issue allows a local user to cause an out-of-bounds write. The vulnerability is in the nf_tables module and can be exploited to elevate privileges using unshare(CLONE_NEWUSER) or unshare(CLONE_NEWNET) calls. The exploit can construct a filter that depends on the value of a kernel address on the stack, leak the KASLR offset by observing side effects, and then build a ROP chain to gain root privileges.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Validation of Array Index
Memory Corruption
Access of Uninitialized Pointer
Use After Free
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Ubuntu