PT-2024-11862 · Linux+4 · Linux Kernel+4

Gwangun Jung

Published

2022-10-07

Updated

2025-09-29

CVE-2022-48999

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0-rc7

Description A slab-out-of-bounds access was reported in the fib nh match function. The issue occurs when attempting to delete a multipath route while the fib info contains an nh reference. Separate nexthop objects are mutually exclusive with the legacy multipath spec. The fib nh match function has been fixed to return if the config for the to-be-deleted route contains a multipath spec while the fib info is using a nexthop object.

Recommendations For Linux kernel versions prior to 6.0-rc7, update to a version that includes the fix for the fib nh match function to prevent slab-out-of-bounds access. As a temporary workaround, consider restricting the use of multipath routes with nexthop objects to minimize the risk of exploitation.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2025_16880

ALT-PU-2023-1066

BDU:2025-07497

CVE-2022-48999

OPENSUSE-SU-2024_3983-1

OPENSUSE-SU-2024_3985-1

OPENSUSE-SU-2024_4131-1

OPENSUSE-SU-2024_4140-1

SUSE-SU-2024:3983-1

SUSE-SU-2024:3985-1

SUSE-SU-2024:4081-1

SUSE-SU-2024:4082-1

SUSE-SU-2024:4103-1

SUSE-SU-2024:4131-1

SUSE-SU-2024:4140-1

SUSE-SU-2024:4364-1

Affected Products

Alt Linux

Astra Linux

Linux Kernel

Red Os

Suse

PT-2024-11862 · Linux+4 · Linux Kernel+4

CVE-2022-48999

Weakness Enumeration

Related Identifiers

Affected Products

References · 1008