A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

🗓️ 30 Mar 2022 07:00:00Reported by MicrosoftType

Heap overflow in IP security code allows local users to overwrite kernel heap objects and escalate privileges.

Reporter	Title	Published	Views	Family All 488
GithubExploit	Exploit for Out-of-bounds Write in Linux Linux_Kernel	23 Mar 202222:54	–	githubexploit
GithubExploit	Exploit for Out-of-bounds Write in Netapp C400_Firmware	3 Feb 202622:28	–	githubexploit
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System	29 Aug 202211:08	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel, Golang Go, and cURL libcurl may affect IBM Spectrum Protect Plus	13 Dec 202219:27	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel and OpenSSL may affect IBM Spectrum Copy Data Management	17 Sep 202201:21	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to elevated privileges in Linux Kernel (CVE-2022-27666).	12 Jan 202321:59	–	ibm
ICS	Russian Military Cyber Actors Target US and Global Critical Infrastructure	5 Sep 202412:00	–	ics
ATTACKERKB	CVE-2022-27666	23 Mar 202206:15	–	attackerkb
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2-2022-1774 (ALAS-2022-1774)	19 Apr 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2022-012 (ALASKERNEL-5.10-2022-012)	2 May 202200:00	–	nessus