{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-2588", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2022-07-29T23:41:31.412Z", "datePublished": "2024-01-08T17:50:47.948Z", "dateUpdated": "2024-08-03T00:39:08.044Z"}, "containers": {"cna": {"affected": [{"packageName": "linux", "product": "linux", "vendor": "The Linux Kernel Organization", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git", "platforms": ["Linux"], "versions": [{"lessThan": "6.0~rc1", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE"}]}], "references": [{"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5565-1"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5562-1"}, {"tags": ["issue-tracking"], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/6"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5582-1"}, {"tags": ["issue-tracking"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5564-1"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5566-1"}, {"tags": ["issue-tracking"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1117/"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5588-1"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5560-1"}, {"tags": ["issue-tracking"], "url": "https://github.com/Markakd/CVE-2022-2588"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5567-1"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5560-2"}, {"tags": ["issue-tracking"], "url": "https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u"}, {"tags": ["third-party-advisory"], "url": "https://ubuntu.com/security/notices/USN-5557-1"}], "credits": [{"lang": "en", "type": "finder", "value": "Zhenpeng Lin working with Trend Micro's Zero Day Initiative"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2024-01-08T17:50:47.948Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:39:08.044Z"}, "title": "CVE Program Container", "references": [{"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5565-1"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5562-1"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/6"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5582-1"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5564-1"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5566-1"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1117/"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5588-1"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5560-1"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://github.com/Markakd/CVE-2022-2588"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5567-1"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5560-2"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://ubuntu.com/security/notices/USN-5557-1"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B4EA906-CFF9-4D4A-AFD7-43AC02C77E48", "versionEndExcluding": "4.9.326", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BBC7E43-6161-4F21-977C-5BB7792C6C94", "versionEndExcluding": "4.14.291", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C47CDE3-B039-4AE5-B8E4-1DC820E473FF", "versionEndExcluding": "4.19.256", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1C63D19-C08C-4308-A848-B2523C9275BD", "versionEndExcluding": "5.4.211", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2BF720F-C5EE-4DE2-9BDF-CE4CFBC767F4", "versionEndExcluding": "5.10.137", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "51861563-7F40-460F-82CD-2D3FBDAD6618", "versionEndExcluding": "5.15.61", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B42E453-8837-49D0-A5EF-03F818A6DC11", "versionEndExcluding": "5.18.18", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1A2A5A5-4598-4D7E-BA07-4660398D6C8F", "versionEndExcluding": "5.19.2", "versionStartIncluding": "5.19", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*", "matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*", "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0."}, {"lang": "es", "value": "Se descubri\u00f3 que la implementaci\u00f3n del filtro cls_route en el kernel de Linux no eliminaba un filtro antiguo de la tabla hash antes de liberarlo si su identificador ten\u00eda el valor 0."}], "id": "CVE-2022-2588", "lastModified": "2024-08-22T20:28:03.190", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 4.2, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2024-01-08T18:15:44.840", "references": [{"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588"}, {"source": "security@ubuntu.com", "tags": ["Exploit"], "url": "https://github.com/Markakd/CVE-2022-2588"}, {"source": "security@ubuntu.com", "tags": ["Mailing List", "Patch"], "url": "https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5557-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5560-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5560-2"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5562-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5564-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5565-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5566-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5567-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5582-1"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5588-1"}, {"source": "security@ubuntu.com", "tags": ["Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2022/08/09/6"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1117/"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-415"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-416"}], "source": "security@ubuntu.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Zhenpeng Lin for reporting this issue.", "affected_release": [{"advisory": "RHSA-2022:7338", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-1160.80.1.rt56.1225.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-11-02T00:00:00Z"}, {"advisory": "RHSA-2022:7337", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-1160.80.1.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-11-02T00:00:00Z"}, {"advisory": "RHSA-2022:7344", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-11-02T00:00:00Z"}, {"advisory": "RHSA-2022:7146", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "kernel-0:3.10.0-693.106.1.el7", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2022-10-25T00:00:00Z"}, {"advisory": "RHSA-2022:7171", "cpe": "cpe:/o:redhat:rhel_aus:7.6", "package": "kernel-0:3.10.0-957.99.1.el7", "product_name": "Red Hat Enterprise Linux 7.6 Advanced Update Support", "release_date": "2022-10-25T00:00:00Z"}, {"advisory": "RHSA-2022:7171", "cpe": "cpe:/o:redhat:rhel_tus:7.6", "package": "kernel-0:3.10.0-957.99.1.el7", "product_name": "Red Hat Enterprise Linux 7.6 Telco Extended Update Support", "release_date": "2022-10-25T00:00:00Z"}, {"advisory": "RHSA-2022:7171", "cpe": "cpe:/o:redhat:rhel_e4s:7.6", "package": "kernel-0:3.10.0-957.99.1.el7", "product_name": "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions", "release_date": "2022-10-25T00:00:00Z"}, {"advisory": "RHSA-2022:7173", "cpe": "cpe:/o:redhat:rhel_e4s:7.6", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions", "release_date": "2022-10-25T00:00:00Z"}, {"advisory": "RHSA-2023:4022", "cpe": "cpe:/o:redhat:rhel_aus:7.7", "package": "kernel-0:3.10.0-1062.76.1.el7", "product_name": "Red Hat Enterprise Linux 7.7 Advanced Update Support", "release_date": "2023-07-11T00:00:00Z"}, {"advisory": "RHSA-2023:4022", "cpe": "cpe:/o:redhat:rhel_tus:7.7", "package": "kernel-0:3.10.0-1062.76.1.el7", "product_name": "Red Hat Enterprise Linux 7.7 Telco Extended Update Support", "release_date": "2023-07-11T00:00:00Z"}, {"advisory": "RHSA-2023:4022", "cpe": "cpe:/o:redhat:rhel_e4s:7.7", "package": "kernel-0:3.10.0-1062.76.1.el7", "product_name": "Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions", "release_date": "2023-07-11T00:00:00Z"}, {"advisory": "RHSA-2023:4023", "cpe": "cpe:/o:redhat:rhel_e4s:7.7", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions", "release_date": "2023-07-11T00:00:00Z"}, {"advisory": "RHSA-2022:7134", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-372.32.1.rt7.189.el8_6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-10-25T00:00:00Z"}, {"advisory": "RHSA-2022:7110", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-372.32.1.el8_6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-10-25T00:00:00Z"}, {"advisory": "RHSA-2022:7137", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-10-25T00:00:00Z"}, {"advisory": "RHSA-2022:6872", "cpe": "cpe:/o:redhat:rhel_e4s:8.1", "package": "kernel-0:4.18.0-147.76.1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-10-11T00:00:00Z"}, {"advisory": "RHSA-2022:6875", "cpe": "cpe:/o:redhat:rhel_e4s:8.1", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-10-11T00:00:00Z"}, {"advisory": "RHSA-2022:7279", "cpe": "cpe:/o:redhat:rhel_aus:8.2", "package": "kernel-0:4.18.0-193.93.1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2022-11-01T00:00:00Z"}, {"advisory": "RHSA-2022:7280", "cpe": "cpe:/a:redhat:rhel_tus:8.2::nfv", "package": "kernel-rt-0:4.18.0-193.93.1.rt13.143.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2022-11-01T00:00:00Z"}, {"advisory": "RHSA-2022:7279", "cpe": "cpe:/o:redhat:rhel_tus:8.2", "package": "kernel-0:4.18.0-193.93.1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2022-11-01T00:00:00Z"}, {"advisory": "RHSA-2022:7279", "cpe": "cpe:/o:redhat:rhel_e4s:8.2", "package": "kernel-0:4.18.0-193.93.1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2022-11-01T00:00:00Z"}, {"advisory": "RHSA-2022:7885", "cpe": "cpe:/o:redhat:rhel_e4s:8.2", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2022-11-09T00:00:00Z"}, {"advisory": "RHSA-2022:6991", "cpe": "cpe:/a:redhat:rhel_eus:8.4::nfv", "package": "kernel-rt-0:4.18.0-305.65.1.rt7.137.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-10-18T00:00:00Z"}, {"advisory": "RHSA-2022:6978", "cpe": "cpe:/o:redhat:rhel_eus:8.4", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-10-18T00:00:00Z"}, {"advisory": "RHSA-2022:6983", "cpe": "cpe:/o:redhat:rhel_eus:8.4", "package": "kernel-0:4.18.0-305.65.1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-10-18T00:00:00Z"}, {"advisory": "RHSA-2022:6551", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "redhat-virtualization-host-0:4.5.2-202209140405_8.6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2022-09-19T00:00:00Z"}, {"advisory": "RHSA-2022:7110", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "kernel-0:4.18.0-372.32.1.el8_6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2022-10-25T00:00:00Z"}], "bugzilla": {"description": "kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation", "id": "2114849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2114849"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.", "A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2022-2588", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2022-08-09T17:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-2588\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-2588\nhttps://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u"], "threat_severity": "Important", "upstream_fix": "kernel 3.10"}