Updated:
Description:
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow SET_ID to refer to another table When doing lookups for sets on the same batch by using its ID, a set from a different table can be used. Then, when the table is removed, a reference to the set may be kept after the set is freed, leading to a potential use-after-free. When looking for sets by ID, use the table that was used for the lookup by name, and only return sets belonging to that same table. This fixes CVE-2022-2586, also reported as ZDI-CAN-17470.
CVSS3: 7.8
| OS | Vendor version | Errata |
|---|---|---|
| Amazon Linux 2 | 4.14.318-240.529.amzn2 | ALAS2-2023-2100 |
| RHEL 8 | 4.18.0-425.3.1.el8 | RHSA-2022:7683 |
| RHEL 9 | 5.14.0-162.6.1.el9_1 | RHSA-2022:8267 |
| Amazon Linux 2 5.4 | 5.4.209-116.367.amzn2 | ALAS2KERNEL-5.4-2022-035 |
| Amazon Linux 2 5.10 | 5.10.144-127.601.amzn2 | ALAS2KERNEL-5.10-2022-020 |
| RHEL9 EUS 9.0 | 5.14.0-70.101.1.el9_0 | RHSA-2024:3421 |
| OS | Original kernel version | State |
|---|---|---|
| Amazon Linux 2 | |
Planned |
| RHEL 8 | |
Planned |
| RHEL 9 | |
Planned |
| Amazon Linux 2 5.4 | |
Planned |
| Amazon Linux 2 5.10 | |
Planned |
| RHEL9 EUS 9.0 | |
Planned |