---

CVE-2022-1972 - log back

CVE-2022-1972 edited at 07 Jun 2022 10:25:04

References

https://seclists.org/oss-sec/2022/q2/164 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=fecf31ee395b0295f2d7260aa29946b7605f7c85 https://github.com/torvalds/linux/commit/fecf31ee395b0295f2d7260aa29946b7605f7c85 - https://github.com/torvalds/linux/commit/c9a46a3d549286861259c19af4747e12cfaeece9 https://github.com/torvalds/linux/commit/f3a2181e16f1dcbf5446ed43f6b5d9f56c459f85

CVE-2022-1972 created at 07 Jun 2022 10:24:14
Severity	+ High
Remote	+ Local
Type	+ Privilege escalation
Description	+ a user with the ability to create user/net namespaces can exploit an out-of-bounds write in netflter to achieve privilege escalation to root.
References	+ https://seclists.org/oss-sec/2022/q2/164 + https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=fecf31ee395b0295f2d7260aa29946b7605f7c85 + https://github.com/torvalds/linux/commit/fecf31ee395b0295f2d7260aa29946b7605f7c85 + https://github.com/torvalds/linux/commit/c9a46a3d549286861259c19af4747e12cfaeece9 + https://github.com/torvalds/linux/commit/f3a2181e16f1dcbf5446ed43f6b5d9f56c459f85
Notes