Linux Kernel Filter Implementation Vulnerability in Various Products
CVE-2022-2588

5.3MEDIUM

Key Information:

Vendor

The Linux Organization

Status
Linux
Vendor
CVE Published:
8 January 2024

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 58%

What is CVE-2022-2588?

A vulnerability has been identified in the cls_route filter implementation of the Linux kernel. This flaw can result in failure to remove an old filter from the hashtable before it is freed, particularly if the filter's handle is set to 0. This oversight can potentially lead to unanticipated behaviors in the system, affecting the stability and security of various applications relying on the kernel's routing capabilities. Users and administrators of affected systems should ensure they have the latest security updates applied to mitigate any risks associated with this vulnerability.

Affected Version(s)

linux Linux 0 < 6.0~rc1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2022-2588
Created by Markakd

CVE-2022-2588
Created by veritas501

CVE-2022-2588
Created by BassamGraini

References

https://ubuntu.com/security/notices/USN-5565-1
third-party-advisory
https://ubuntu.com/security/notices/USN-5562-1
third-party-advisory
https://www.openwall.com/lists/oss-security/2022/08/09/6
issue-tracking

EPSS Score

58% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

Credit

Zhenpeng Lin working with Trend Micro's Zero Day Initiative
.