Use After Free Vulnerability in Linux Kernel's Netfilter nf_tables
CVE-2022-49919

7HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2025

Summary

This vulnerability in the Linux kernel's netfilter component could lead to a use after free condition triggered by race conditions with the netlink notifier. By optimizing the release of flow rule objects, the need to delay this operation to the commit release path has been eliminated. This enhancement improves memory management in control plane operations, ensuring better stability and security in packet handling.

Affected Version(s)

Linux 5b8d63489c3b701eb2a76f848ec94d8cbc9373b9 < 74fd5839467054cd9c4d050614d3ee8788386171

Linux 330c0c6cd2150a2d7f47af16aa590078b0d2f736

Linux e33d9bd563e71f6c6528b96008d65524a459c4dc < 6044791b7be707fd0e709f26e961a446424e5051

References

https://git.kernel.org/stable/c/74fd5839467054cd9c4d05061...

https://git.kernel.org/stable/c/b2d7a92aff0fbd93c29d2aa64...

https://git.kernel.org/stable/c/6044791b7be707fd0e709f26e...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 1, 2025
Vulnerability Reserved
May 1, 2025