PT-2022-7624 · Linux+3 · Linux Kernel+3
Eric Dumazet
·
Published
2022-03-01
·
Updated
2025-03-19
·
CVE-2022-48911
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux Kernel versions prior to 5.17
Description
The issue is related to a possible use-after-free in the netfilter component of the Linux kernel. This could allow an attacker to impact the confidentiality, integrity, and availability of the system. The problem seems to be with the
sock hold() side, where there is no guarantee that sk refcnt is not already 0. On failure, the packet cannot be queued, and an error needs to be indicated, resulting in the packet being dropped by the caller.Recommendations
To resolve the issue, upgrade to Linux Kernel version 5.17 or later. As a temporary workaround, consider restricting access to the netfilter component until a patch is applied. However, the most effective solution is to update the Linux Kernel to a version that includes the fix for the use-after-free vulnerability in the netfilter component.
Exploit
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Red Os
Suse