CVE-2022-2588

2022-08-0900:00:00

ubuntu.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.8%

JSON

It was discovered that the cls_route filter implementation in the Linux
kernel would not remove an old filter from the hashtable before freeing it
if its handle had the value 0.

Notes

Author	Note
sbeattie	ZDI-CAN-17440
eslerm	CWE-416

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-191.202UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-124.140UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-46.49UNKNOWN
ubuntu14.04noarchlinux< 3.13.0-191.242UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-231.265UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1139.150UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1083.90UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1017.21UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1111.117UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1147.162UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< 4.15.0-191.202	UNKNOWN
ubuntu	20.04	noarch	linux	< 5.4.0-124.140	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-46.49	UNKNOWN
ubuntu	14.04	noarch	linux	< 3.13.0-191.242	UNKNOWN
ubuntu	16.04	noarch	linux	< 4.4.0-231.265	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< 4.15.0-1139.150	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1083.90	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1017.21	UNKNOWN
ubuntu	14.04	noarch	linux-aws	< 4.4.0-1111.117	UNKNOWN
ubuntu	16.04	noarch	linux-aws	< 4.4.0-1147.162	UNKNOWN