Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiTeam Orca of Sea Security (@seasecresponse), security.sea.comZDI-22-1118
HistoryAug 18, 2022 - 12:00 a.m.

(Pwn2Own) Linux Kernel nft_object Use-After-Free Privilege Escalation Vulnerability

2022-08-1800:00:00
Team Orca of Sea Security (@seasecresponse), security.sea.com
www.zerodayinitiative.com
100
linux kernel
nft_object
use-after-free
privilege escalation
local attacker
arbitrary code

EPSS

0.01

Percentile

84.1%

JSON

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of nft_objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.

Related

cve 1
nvd 1
cisa_kev 1
prion 1
githubexploit 1
vulnrichment 1
redhatcve 1
attackerkb 1
debiancve 1
ubuntucve 1
veracode 1
cvelist 1
cbl_mariner 1
nessus 65
openvas 34
osv 18
ubuntu 10
photon 4
fedora 2
thn 1
oraclelinux 6
mageia 2
redos 1
amazon 3
debian 3
suse 5
ibm 2
rocky 2
almalinux 4
redhat 9
slackware 1
ics 2
avleonov 1
cve
cve
CVE-2022-2586
2024-01-08 18:15:44
nvd
nvd
CVE-2022-2586
2024-01-08 18:15:44
cisa_kev
cisa_kev
Linux Kernel Use-After-Free Vulnerability
2024-06-26 00:00:00
prion
prion
Design/Logic Flaw
2024-01-08 18:15:00
githubexploit
githubexploit
Exploit for Use After Free in Linux Linux Kernel
2022-09-03 19:04:31
vulnrichment
vulnrichment
CVE-2022-2586
2024-01-08 17:46:06
redhatcve
redhatcve
CVE-2022-2586
2022-08-09 18:37:11
attackerkb
attackerkb
CVE-2022-2586
2024-01-08 00:00:00
debiancve
debiancve
CVE-2022-2586
2024-01-08 18:15:44
ubuntucve
ubuntucve
CVE-2022-2586
2022-08-09 00:00:00
veracode
veracode
Privilege Escalation
2022-09-16 19:39:12
cvelist
cvelist
CVE-2022-2586
2024-01-08 17:46:06
cbl_mariner
cbl_mariner
CVE-2022-2586 affecting package kernel for versions less than 5.15.153.1-1
2024-04-09 20:48:36
nessus
nessus
Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5557-1)
2022-08-10 00:00:00
Photon OS 3.0: Linux PHSA-2022-3.0-0433
2024-07-24 00:00:00
Photon OS 4.0: Linux PHSA-2022-4.0-0226
2024-07-23 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5557-1)
2022-08-26 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2022-9bbb1d9b7b)
2022-08-15 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2022-484e226872)
2022-08-15 00:00:00
osv
osv
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
2022-08-09 23:44:12
linux-oem-5.14, linux-oem-5.17 vulnerabilities
2022-08-10 18:26:10
linux, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities
2022-08-10 17:37:09
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-08-09 00:00:00
Linux kernel (OEM) vulnerabilities
2022-08-10 00:00:00
Linux kernel vulnerabilities
2022-08-10 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0226
2022-08-10 00:00:00
Moderate Photon OS Security Update - PHSA-2022-0506
2022-08-10 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0226
2022-08-10 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: kernel-5.18.17-200.fc36
2022-08-14 02:39:58
[SECURITY] Fedora 35 Update: kernel-5.18.17-100.fc35
2022-08-14 03:02:16
thn
thn
ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
2024-06-22 11:28:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2022-09-21 00:00:00
Unbreakable Enterprise kernel security update
2022-09-22 00:00:00
Unbreakable Enterprise kernel-container security update
2022-09-21 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2022-08-26 00:21:07
Updated kernel-linus packages fix security vulnerabilities
2022-08-26 00:21:07
redos
redos
ROS-20220908-01
2022-09-08 00:00:00
amazon
amazon
Important: kernel
2023-06-21 19:11:00
Important: kernel
2023-06-21 19:11:00
Important: kernel
2023-06-21 19:11:00
debian
debian
[SECURITY] [DLA 3102-1] linux-5.10 new package
2022-09-11 19:35:03
[SECURITY] [DSA 5207-1] linux security update
2022-08-15 19:52:20
[SECURITY] [DLA 3131-1] linux security update
2022-10-02 16:44:48
suse
suse
Security update for the Linux Kernel (important)
2022-10-14 00:00:00
Security update for the Linux Kernel (important)
2022-11-02 00:00:00
Security update for the Linux Kernel (important)
2022-10-26 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Linux Kernel and Golang Go might affect IBM Spectrum Copy Data Management
2023-01-17 16:48:39
Security Bulletin: Vulnerabilities in Linux Kernel may affect IBM Spectrum Protect Plus
2023-03-16 14:18:44
rocky
rocky
kernel-rt security and bug fix update
2022-11-08 06:19:55
kernel security, bug fix, and enhancement update
2022-11-08 06:26:19
almalinux
almalinux
Moderate: kernel-rt security and bug fix update
2022-11-08 00:00:00
Moderate: kernel security, bug fix, and enhancement update
2022-11-08 00:00:00
Moderate: kernel security, bug fix, and enhancement update
2022-11-15 00:00:00
redhat
redhat
(RHSA-2022:7683) Moderate: kernel security, bug fix, and enhancement update
2022-11-08 06:26:19
(RHSA-2022:7444) Moderate: kernel-rt security and bug fix update
2022-11-08 06:19:55
(RHSA-2022:7933) Moderate: kernel-rt security and bug fix update
2022-11-15 06:11:40
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2022-08-26 04:17:47
ics
ics
Siemens SIMATIC S7-1500 TM MFP Linux Kernel
2023-06-15 12:00:00
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13

EPSS

0.01

Percentile

84.1%

JSON
Related for ZDI-22-1118
cve1nvd1cisa_kev1prion1githubexploit1vulnrichment1redhatcve1attackerkb1debiancve1ubuntucve1veracode1cvelist1cbl_mariner1nessus65openvas34osv18ubuntu10photon4fedora2thn1oraclelinux6mageia2redos1amazon3debian3suse5ibm2rocky2almalinux4redhat9slackware1ics2avleonov1