CVE-2022-25636 - log back

CVE-2022-25636 edited at 15 Mar 2022 09:14:45
Severity
- Unknown
+ High
Remote
- Unknown
+ Local
Type
- Unknown
+ Privilege escalation
Description
+ An out-of-bounds (OOB) memory access flaw was found in nft_fwd_dup_netdev_offload in net/netfilter/nf_dup_netdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a privilege escalation threat.
References
+ https://github.com/torvalds/linux/commit/b1a5983f56e371046dcf164f90bfaf704d2b89f6
+ https://www.openwall.com/lists/oss-security/2022/02/21/2
Notes
CVE-2022-25636 created at 15 Mar 2022 09:13:30