Use-After-Free Vulnerability in Linux Kernel's Netfilter Module
CVE-2022-50212

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 June 2025

What is CVE-2022-50212?

A vulnerability exists in the Linux kernel's Netfilter framework where chain identifiers (CHAIN_ID) can incorrectly reference chains from different tables. This can lead to exploitation when a rule that refers to a chain in another table remains intact after the original table is removed, resulting in a use-after-free condition. To mitigate this issue, it is critical to ensure that chain lookups are constrained to refer only to chains within the same table used for the lookup.

Affected Version(s)

Linux 837830a4b439bfeb86c70b0115c280377c84714b < 9e7dcb88ec8e85e4a8ad0ea494ea2f90f32d2583

Linux 837830a4b439bfeb86c70b0115c280377c84714b < 91501513016903077f91033fa5d2aa26cac399b2

Linux 837830a4b439bfeb86c70b0115c280377c84714b < 0f49613a213d918af790c1276f79da741968de11

References

https://git.kernel.org/stable/c/9e7dcb88ec8e85e4a8ad0ea49...

https://git.kernel.org/stable/c/91501513016903077f91033fa...

https://git.kernel.org/stable/c/0f49613a213d918af790c1276...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2025
Vulnerability Reserved
Jun 18, 2025