Use-After-Free Vulnerability in Linux Kernel's Netfilter nf_tables
CVE-2022-49919
7 HIGH
What is CVE-2022-49919?
This vulnerability in the Linux kernel's netfilter component could lead to a use-after-free condition triggered by races with the netlink notifier. The fix changes how flow rule objects are released, so the release no longer needs to be delayed to the commit release path. This improves memory management in control plane operations, ensuring better stability and security in packet handling.
Affected Version(s)
Linux 5b8d63489c3b701eb2a76f848ec94d8cbc9373b9 < 74fd5839467054cd9c4d050614d3ee8788386171
Linux 330c0c6cd2150a2d7f47af16aa590078b0d2f736
Linux e33d9bd563e71f6c6528b96008d65524a459c4dc < 6044791b7be707fd0e709f26e961a446424e5051