{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-2586", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2022-07-29T22:01:19.576Z", "datePublished": "2024-01-08T17:46:06.110Z", "dateUpdated": "2024-08-19T07:48:13.351Z"}, "containers": {"cna": {"affected": [{"packageName": "linux", "product": "linux", "vendor": "The Linux Kernel Organization", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "platforms": ["Linux"], "versions": [{"lessThan": "6.0~rc1", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE"}]}], "references": [{"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5564-1"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5560-2"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5582-1"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5567-1"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5560-1"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5566-1"}, {"tags": ["issue-tracking"], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/5"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5565-1"}, {"tags": ["issue-tracking"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1118/"}, {"tags": ["issue-tracking"], "url": "https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5562-1"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5557-1"}, {"tags": ["issue-tracking"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586"}], "credits": [{"lang": "en", "type": "finder", "value": "Team Orca of Sea Security (@seasecresponse) working with Trend Micro's Zero Day Initiative"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2024-01-08T17:46:06.110Z"}}, "adp": [{"affected": [{"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "6.0-rc1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-26T15:34:35.432398Z", "id": "CVE-2022-2586", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-06-26", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-26T16:20:22.577Z"}, "timeline": [{"time": "2024-06-26T00:00:00+00:00", "lang": "en", "value": "CVE-2022-2586 added to CISA KEV"}]}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-19T07:48:13.351Z"}, "title": "CVE Program Container", "references": [{"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5564-1"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5560-2"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5582-1"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5567-1"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5560-1"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5566-1"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/5"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5565-1"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1118/"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5562-1"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5557-1"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586"}, {"url": "https://www.vicarius.io/vsociety/posts/use-after-free-vulnerability-linked-chain-between-nft-tables-cve-2022-2586"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://ubuntu.com/security/notices/USN-5564-1", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://ubuntu.com/security/notices/USN-5560-2", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://ubuntu.com/security/notices/USN-5582-1", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://ubuntu.com/security/notices/USN-5567-1", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://ubuntu.com/security/notices/USN-5560-1", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://ubuntu.com/security/notices/USN-5566-1", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2022/08/09/5", "tags": ["issue-tracking", "x_transferred"]}, {"url": "https://ubuntu.com/security/notices/USN-5565-1", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1118/", "tags": ["issue-tracking", "x_transferred"]}, {"url": "https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t", "tags": ["issue-tracking", "x_transferred"]}, {"url": "https://ubuntu.com/security/notices/USN-5562-1", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://ubuntu.com/security/notices/USN-5557-1", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586", "tags": ["issue-tracking", "x_transferred"]}, {"url": "https://www.vicarius.io/vsociety/posts/use-after-free-vulnerability-linked-chain-between-nft-tables-cve-2022-2586"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-19T07:48:13.351Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-2586", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-26T15:34:35.432398Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-06-26", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-2586"}}}], "affected": [{"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "0", "lessThan": "6.0-rc1", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-25T19:04:24.289Z"}, "timeline": [{"lang": "en", "time": "2024-06-26T00:00:00+00:00", "value": "CVE-2022-2586 added to CISA KEV"}]}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Team Orca of Sea Security (@seasecresponse) working with Trend Micro's Zero Day Initiative"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "vendor": "The Linux Kernel Organization", "product": "linux", "versions": [{"status": "affected", "version": "0", "lessThan": "6.0~rc1", "versionType": "semver"}], "platforms": ["Linux"], "packageName": "linux"}], "references": [{"url": "https://ubuntu.com/security/notices/USN-5564-1", "tags": ["third-party-advisory"]}, {"url": "https://ubuntu.com/security/notices/USN-5560-2", "tags": ["third-party-advisory"]}, {"url": "https://ubuntu.com/security/notices/USN-5582-1", "tags": ["third-party-advisory"]}, {"url": "https://ubuntu.com/security/notices/USN-5567-1", "tags": ["third-party-advisory"]}, {"url": "https://ubuntu.com/security/notices/USN-5560-1", "tags": ["third-party-advisory"]}, {"url": "https://ubuntu.com/security/notices/USN-5566-1", "tags": ["third-party-advisory"]}, {"url": "https://www.openwall.com/lists/oss-security/2022/08/09/5", "tags": ["issue-tracking"]}, {"url": "https://ubuntu.com/security/notices/USN-5565-1", "tags": ["third-party-advisory"]}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1118/", "tags": ["issue-tracking"]}, {"url": "https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t", "tags": ["issue-tracking"]}, {"url": "https://ubuntu.com/security/notices/USN-5562-1", "tags": ["third-party-advisory"]}, {"url": "https://ubuntu.com/security/notices/USN-5557-1", "tags": ["third-party-advisory"]}, {"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586", "tags": ["issue-tracking"]}], "descriptions": [{"lang": "en", "value": "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416"}]}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2024-01-08T17:46:06.110Z"}}}, "cveMetadata": {"cveId": "CVE-2022-2586", "state": "PUBLISHED", "dateUpdated": "2024-08-19T07:48:13.351Z", "dateReserved": "2022-07-29T22:01:19.576Z", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "datePublished": "2024-01-08T17:46:06.110Z", "assignerShortName": "canonical"}, "dataVersion": "5.1"}

{"cisaActionDue": "2024-07-17", "cisaExploitAdd": "2024-06-26", "cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "cisaVulnerabilityName": "Linux Kernel Use-After-Free Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3369AE19-74F5-4B36-A1B4-3C7A6FC23C3B", "versionEndIncluding": "5.19.17", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*", "matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*", "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted."}, {"lang": "es", "value": "Se descubri\u00f3 que un objeto o expresi\u00f3n nft pod\u00eda hacer referencia a un conjunto nft en una tabla nft diferente, lo que generaba un use-after-free una vez que se eliminaba esa tabla."}], "id": "CVE-2022-2586", "lastModified": "2024-06-27T01:00:01.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 4.2, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2024-01-08T18:15:44.620", "references": [{"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586"}, {"source": "security@ubuntu.com", "tags": ["Mailing List", "Patch"], "url": "https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5557-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5560-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5560-2"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5562-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5564-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5565-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5566-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5567-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5582-1"}, {"source": "security@ubuntu.com", "tags": ["Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/5"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1118/"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-416"}], "source": "security@ubuntu.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Team Orca (Sea Security) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2022:7444", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-425.3.1.rt7.213.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2022:7683", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-425.3.1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2024:0724", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "kernel-0:4.18.0-372.91.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-02-07T00:00:00Z"}, {"advisory": "RHSA-2022:8267", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2022:7933", "cpe": "cpe:/a:redhat:enterprise_linux:9::nfv", "package": "kernel-rt-0:5.14.0-162.6.1.rt21.168.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2022:8267", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2024:0724", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "kernel-0:4.18.0-372.91.1.el8_6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2024-02-07T00:00:00Z"}], "bugzilla": {"description": "kernel: nf_tables cross-table potential use-after-free may lead to local privilege escalation", "id": "2114878", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2114878"}, "csaw": true, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.", "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2022-2586", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2022-08-09T17:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-2586\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-2586\nhttps://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t\nhttps://www.openwall.com/lists/oss-security/2022/08/09/5\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "threat_severity": "Moderate", "upstream_fix": "kernel 6.0 rc1"}