Linux Kernel Filter Implementation Vulnerability in Various Products
CVE-2022-2588

7.8HIGH

Key Information:

Vendor
The Linux Kernel Organization
Status
Linux
Vendor
CVE Published:
8 January 2024

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC

Summary

A vulnerability has been identified in the cls_route filter implementation of the Linux kernel. This flaw can result in failure to remove an old filter from the hashtable before it is freed, particularly if the filter's handle is set to 0. This oversight can potentially lead to unanticipated behaviors in the system, affecting the stability and security of various applications relying on the kernel's routing capabilities. Users and administrators of affected systems should ensure they have the latest security updates applied to mitigate any risks associated with this vulnerability.

Affected Version(s)

linux Linux 0 < 6.0~rc1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2022-2588
Created by Markakd

CVE-2022-2588
Created by PolymorphicOpcode

CVE-2022-2588
Created by BassamGraini

References

https://ubuntu.com/security/notices/USN-5565-1
third-party-advisory
https://ubuntu.com/security/notices/USN-5562-1
third-party-advisory
https://www.openwall.com/lists/oss-security/2022/08/09/6
issue-tracking

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

Collectors

NVD DatabaseMitre Database8 Proof of Concept(s)

Credit

Zhenpeng Lin working with Trend Micro's Zero Day Initiative
.