7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A flaw in the Linux kernel has been discovered. If exploited, this flaw could allow a local attacker to gain privileges on targeted systems, allowing them to escape containers, execute arbitrary code, or cause a kernel panic. This heap out-of-bounds write vulnerability has been assigned CVE-2022-25636 and affects the Linux kernel's netfilter subcomponent. Netfilter is a Linux kernel framework that enables various networking-related operations such as packet filtering, network address translation, and port translation. The bug is related to an issue with the framework's incorrect handling of the hardware offload feature, which could be utilized by a local attacker to cause a denial-of-service (DoS) or possibly execute arbitrary code. This issue has been fixed in Linux kernel version 5.7 and vendors such as RedHat, SUSE, Ubuntu, and Oracle has also made a fix available for the same. Potential MITRE ATT&CK TTPs are:TA0042: Resource DevelopmentT1588: Obtain CapabilitiesT1588.006: Obtain Capabilities: VulnerabilitiesTA0001: Initial AccessT1190: Exploit Public-Facing ApplicationTA0040: ImpactT1499: Endpoint Denial of ServiceT1499.004: Endpoint Denial of Service: Application or System Exploitation Vulnerability Details Patch Link https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/snapshot/nf-b1a5983f56e371046dcf164f90bfaf704d2b89f6.tar.gz References https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/ https://access.redhat.com/security/cve/CVE-2022-25636 https://www.openwall.com/lists/oss-security/2022/02/21/2 https://security-tracker.debian.org/tracker/CVE-2022-25636 https://linux.oracle.com/cve/CVE-2022-25636.html https://www.suse.com/security/cve/CVE-2022-25636.html https://ubuntu.com/security/CVE-2022-25636
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C