Lucene search

K
nvd[email protected]NVD:CVE-2022-25636
HistoryFeb 24, 2022 - 3:15 p.m.

CVE-2022-25636

2022-02-2415:15:31
CWE-269
web.nvd.nist.gov
3

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

12.7%

net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.

Affected configurations

NVD
Node
linuxlinux_kernelRange5.45.4.182
OR
linuxlinux_kernelRange5.55.10.103
OR
linuxlinux_kernelRange5.115.15.26
OR
linuxlinux_kernelRange5.165.16.12
Node
debiandebian_linuxMatch11.0
Node
netapph300eMatch-
OR
netapph300sMatch-
OR
netapph410cMatch-
OR
netapph410sMatch-
OR
netapph500eMatch-
OR
netapph500sMatch-
OR
netapph700eMatch-
OR
netapph700sMatch-
Node
oraclecommunications_cloud_native_core_binding_support_functionMatch22.1.3
OR
oraclecommunications_cloud_native_core_network_exposure_functionMatch22.1.1
OR
oraclecommunications_cloud_native_core_policyMatch22.2.0

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

12.7%