---

CVE-2022-1966 - log back

CVE-2022-1966 edited at 07 Jun 2022 10:25:22

References

https://seclists.org/oss-sec/2022/q2/159 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/net/netfilter?id=520778042ccca019f3ffa136dd0ca565c486cedd https://github.com/torvalds/linux/commit/520778042ccca019f3ffa136dd0ca565c486cedd - https://github.com/torvalds/linux/commit/8f44c83e51b4ca49c815f8dd0d9c38f497cdbcb0 https://github.com/torvalds/linux/commit/0b2d8a7b638b5034d2d68f6add8af94daaa1d4cd

CVE-2022-1966 created at 07 Jun 2022 10:15:42
Severity	+ High
Remote	+ Local
Type	+ Privilege escalation
Description	+ a user with the ability to create user/net namespaces can exploit a use-after-free write in netflter to achieve privilege escalation to root.
References	+ https://seclists.org/oss-sec/2022/q2/159 + https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/net/netfilter?id=520778042ccca019f3ffa136dd0ca565c486cedd + https://github.com/torvalds/linux/commit/520778042ccca019f3ffa136dd0ca565c486cedd + https://github.com/torvalds/linux/commit/8f44c83e51b4ca49c815f8dd0d9c38f497cdbcb0 + https://github.com/torvalds/linux/commit/0b2d8a7b638b5034d2d68f6add8af94daaa1d4cd
Notes