PT-2022-7210 · Linux+7 · Linux Kernel+7

Gwangun Jung

Published

2022-08-21

Updated

2023-08-14

CVE-2022-39190

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.6

Description An issue in the Linux kernel's net/netfilter/nf tables api.c component can cause a denial of service when binding to an already bound chain. The vulnerability is related to errors in resource release, which can be exploited to cause a denial of service.

Recommendations For Linux kernel versions prior to 5.19.6, update to version 5.19.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the nf tables api.c component to minimize the risk of exploitation.

Fix

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

ALSA-2022:7933

ALSA-2022:8267

ALT-PU-2022-2573

ALT-PU-2022-2594

ALT-PU-2022-2915

ALT-PU-2022-2919

ALT-PU-2023-1684

ALT-PU-2023-1741

ALT-PU-2023-1814

ALT-PU-2023-4894

AZL-10860

BDU:2023-09094

CVE-2022-39190

DLA-3173-1

MGASA-2022-0324

MGASA-2022-0380

OESA-2022-1927

OPENSUSE-SU-2022_3264-1

OPENSUSE-SU-2022_3288-1

OPENSUSE-SU-2022_3293-1

OPENSUSE-SU-2022_3609-1

OPENSUSE-SU-2022_4617-1

RHSA-2022:7933

RHSA-2022:8267

RHSA-2022_7933

RHSA-2022_8267

SUSE-SU-2022:3264-1

SUSE-SU-2022:3288-1

SUSE-SU-2022:3293-1

SUSE-SU-2022:3609-1

SUSE-SU-2022:3809-1

SUSE-SU-2022:4617-1

USN-5729-1

USN-5729-2

Affected Products

Alt Linux

Almalinux

Astra Linux

Linuxmint

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2022-7210 · Linux+7 · Linux Kernel+7

CVE-2022-39190

Weakness Enumeration

Related Identifiers

Affected Products

References · 631