CVE-2022-48691 - OpenCVE

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/1ce55ec5cb7c573c983dffbe290b8d17caf1f157
https://git.kernel.org/stable/c/77972a36ecc4db7fc7c68f0e80714263c5f03f65
https://git.kernel.org/stable/c/910891a2a44cdc49efcc4fe7459c1085ba00d0f4
https://git.kernel.org/stable/c/94ed8eeb8d9aeb00e4f4e19b83a2e28b6442fbc5
https://nvd.nist.gov/vuln/detail/CVE-2022-48691
https://www.cve.org/CVERecord?id=CVE-2022-48691

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48691", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-03T14:55:07.144Z", "datePublished": "2024-05-03T15:03:28.996Z", "dateUpdated": "2024-08-03T15:17:55.805Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:11:25.689Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: clean up hook list when offload flags check fails\n\nsplice back the hook list so nft_chain_release_hook() has a chance to\nrelease the hooks.\n\nBUG: memory leak\nunreferenced object 0xffff88810180b100 (size 96):\n comm \"syz-executor133\", pid 3619, jiffies 4294945714 (age 12.690s)\n hex dump (first 32 bytes):\n 28 64 23 02 81 88 ff ff 28 64 23 02 81 88 ff ff (d#.....(d#.....\n 90 a8 aa 83 ff ff ff ff 00 00 b5 0f 81 88 ff ff ................\n backtrace:\n [<ffffffff83a8c59b>] kmalloc include/linux/slab.h:600 [inline]\n [<ffffffff83a8c59b>] nft_netdev_hook_alloc+0x3b/0xc0 net/netfilter/nf_tables_api.c:1901\n [<ffffffff83a9239a>] nft_chain_parse_netdev net/netfilter/nf_tables_api.c:1998 [inline]\n [<ffffffff83a9239a>] nft_chain_parse_hook+0x33a/0x530 net/netfilter/nf_tables_api.c:2073\n [<ffffffff83a9b14b>] nf_tables_addchain.constprop.0+0x10b/0x950 net/netfilter/nf_tables_api.c:2218\n [<ffffffff83a9c41b>] nf_tables_newchain+0xa8b/0xc60 net/netfilter/nf_tables_api.c:2593\n [<ffffffff83a3d6a6>] nfnetlink_rcv_batch+0xa46/0xd20 net/netfilter/nfnetlink.c:517\n [<ffffffff83a3db79>] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:638 [inline]\n [<ffffffff83a3db79>] nfnetlink_rcv+0x1f9/0x220 net/netfilter/nfnetlink.c:656\n [<ffffffff83a13b17>] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n [<ffffffff83a13b17>] netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345\n [<ffffffff83a13fd6>] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921\n [<ffffffff83865ab6>] sock_sendmsg_nosec net/socket.c:714 [inline]\n [<ffffffff83865ab6>] sock_sendmsg+0x56/0x80 net/socket.c:734\n [<ffffffff8386601c>] ____sys_sendmsg+0x36c/0x390 net/socket.c:2482\n [<ffffffff8386a918>] ___sys_sendmsg+0xa8/0x110 net/socket.c:2536\n [<ffffffff8386aaa8>] __sys_sendmsg+0x88/0x100 net/socket.c:2565\n [<ffffffff845e5955>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n [<ffffffff845e5955>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "d54725cd11a5", "lessThan": "910891a2a44c", "status": "affected", "versionType": "git"}, {"version": "d54725cd11a5", "lessThan": "1ce55ec5cb7c", "status": "affected", "versionType": "git"}, {"version": "d54725cd11a5", "lessThan": "94ed8eeb8d9a", "status": "affected", "versionType": "git"}, {"version": "d54725cd11a5", "lessThan": "77972a36ecc4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "5.5", "status": "affected"}, {"version": "0", "lessThan": "5.5", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.143", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.68", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.19.9", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/910891a2a44cdc49efcc4fe7459c1085ba00d0f4"}, {"url": "https://git.kernel.org/stable/c/1ce55ec5cb7c573c983dffbe290b8d17caf1f157"}, {"url": "https://git.kernel.org/stable/c/94ed8eeb8d9aeb00e4f4e19b83a2e28b6442fbc5"}, {"url": "https://git.kernel.org/stable/c/77972a36ecc4db7fc7c68f0e80714263c5f03f65"}], "title": "netfilter: nf_tables: clean up hook list when offload flags check fails", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-12T20:37:11.395564Z", "id": "CVE-2022-48691", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T20:38:11.386Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.805Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/910891a2a44cdc49efcc4fe7459c1085ba00d0f4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1ce55ec5cb7c573c983dffbe290b8d17caf1f157", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/94ed8eeb8d9aeb00e4f4e19b83a2e28b6442fbc5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/77972a36ecc4db7fc7c68f0e80714263c5f03f65", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48691", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-12T20:37:11.395564Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T20:38:07.258Z"}}], "cna": {"title": "netfilter: nf_tables: clean up hook list when offload flags check fails", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "d54725cd11a5", "lessThan": "910891a2a44c", "versionType": "git"}, {"status": "affected", "version": "d54725cd11a5", "lessThan": "1ce55ec5cb7c", "versionType": "git"}, {"status": "affected", "version": "d54725cd11a5", "lessThan": "94ed8eeb8d9a", "versionType": "git"}, {"status": "affected", "version": "d54725cd11a5", "lessThan": "77972a36ecc4", "versionType": "git"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.5"}, {"status": "unaffected", "version": "0", "lessThan": "5.5", "versionType": "custom"}, {"status": "unaffected", "version": "5.10.143", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.68", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.19.9", "versionType": "custom", "lessThanOrEqual": "5.19.*"}, {"status": "unaffected", "version": "6.0", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/910891a2a44cdc49efcc4fe7459c1085ba00d0f4"}, {"url": "https://git.kernel.org/stable/c/1ce55ec5cb7c573c983dffbe290b8d17caf1f157"}, {"url": "https://git.kernel.org/stable/c/94ed8eeb8d9aeb00e4f4e19b83a2e28b6442fbc5"}, {"url": "https://git.kernel.org/stable/c/77972a36ecc4db7fc7c68f0e80714263c5f03f65"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: clean up hook list when offload flags check fails\n\nsplice back the hook list so nft_chain_release_hook() has a chance to\nrelease the hooks.\n\nBUG: memory leak\nunreferenced object 0xffff88810180b100 (size 96):\n comm \"syz-executor133\", pid 3619, jiffies 4294945714 (age 12.690s)\n hex dump (first 32 bytes):\n 28 64 23 02 81 88 ff ff 28 64 23 02 81 88 ff ff (d#.....(d#.....\n 90 a8 aa 83 ff ff ff ff 00 00 b5 0f 81 88 ff ff ................\n backtrace:\n [<ffffffff83a8c59b>] kmalloc include/linux/slab.h:600 [inline]\n [<ffffffff83a8c59b>] nft_netdev_hook_alloc+0x3b/0xc0 net/netfilter/nf_tables_api.c:1901\n [<ffffffff83a9239a>] nft_chain_parse_netdev net/netfilter/nf_tables_api.c:1998 [inline]\n [<ffffffff83a9239a>] nft_chain_parse_hook+0x33a/0x530 net/netfilter/nf_tables_api.c:2073\n [<ffffffff83a9b14b>] nf_tables_addchain.constprop.0+0x10b/0x950 net/netfilter/nf_tables_api.c:2218\n [<ffffffff83a9c41b>] nf_tables_newchain+0xa8b/0xc60 net/netfilter/nf_tables_api.c:2593\n [<ffffffff83a3d6a6>] nfnetlink_rcv_batch+0xa46/0xd20 net/netfilter/nfnetlink.c:517\n [<ffffffff83a3db79>] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:638 [inline]\n [<ffffffff83a3db79>] nfnetlink_rcv+0x1f9/0x220 net/netfilter/nfnetlink.c:656\n [<ffffffff83a13b17>] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n [<ffffffff83a13b17>] netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345\n [<ffffffff83a13fd6>] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921\n [<ffffffff83865ab6>] sock_sendmsg_nosec net/socket.c:714 [inline]\n [<ffffffff83865ab6>] sock_sendmsg+0x56/0x80 net/socket.c:734\n [<ffffffff8386601c>] ____sys_sendmsg+0x36c/0x390 net/socket.c:2482\n [<ffffffff8386a918>] ___sys_sendmsg+0xa8/0x110 net/socket.c:2536\n [<ffffffff8386aaa8>] __sys_sendmsg+0x88/0x100 net/socket.c:2565\n [<ffffffff845e5955>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n [<ffffffff845e5955>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:11:25.689Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48691", "state": "PUBLISHED", "dateUpdated": "2024-06-12T20:38:11.386Z", "dateReserved": "2024-05-03T14:55:07.144Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-03T15:03:28.996Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E77EECF5-C31E-4342-8014-AA844BB83A76", "versionEndExcluding": "5.10.143", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C440CED2-FE3C-495D-839C-857FFC6F523A", "versionEndExcluding": "5.15.68", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4895A99-6E1B-4C76-A510-FDED00AD7D29", "versionEndExcluding": "5.19.9", "versionStartIncluding": "5.16", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: clean up hook list when offload flags check fails\n\nsplice back the hook list so nft_chain_release_hook() has a chance to\nrelease the hooks.\n\nBUG: memory leak\nunreferenced object 0xffff88810180b100 (size 96):\n comm \"syz-executor133\", pid 3619, jiffies 4294945714 (age 12.690s)\n hex dump (first 32 bytes):\n 28 64 23 02 81 88 ff ff 28 64 23 02 81 88 ff ff (d#.....(d#.....\n 90 a8 aa 83 ff ff ff ff 00 00 b5 0f 81 88 ff ff ................\n backtrace:\n [<ffffffff83a8c59b>] kmalloc include/linux/slab.h:600 [inline]\n [<ffffffff83a8c59b>] nft_netdev_hook_alloc+0x3b/0xc0 net/netfilter/nf_tables_api.c:1901\n [<ffffffff83a9239a>] nft_chain_parse_netdev net/netfilter/nf_tables_api.c:1998 [inline]\n [<ffffffff83a9239a>] nft_chain_parse_hook+0x33a/0x530 net/netfilter/nf_tables_api.c:2073\n [<ffffffff83a9b14b>] nf_tables_addchain.constprop.0+0x10b/0x950 net/netfilter/nf_tables_api.c:2218\n [<ffffffff83a9c41b>] nf_tables_newchain+0xa8b/0xc60 net/netfilter/nf_tables_api.c:2593\n [<ffffffff83a3d6a6>] nfnetlink_rcv_batch+0xa46/0xd20 net/netfilter/nfnetlink.c:517\n [<ffffffff83a3db79>] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:638 [inline]\n [<ffffffff83a3db79>] nfnetlink_rcv+0x1f9/0x220 net/netfilter/nfnetlink.c:656\n [<ffffffff83a13b17>] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n [<ffffffff83a13b17>] netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345\n [<ffffffff83a13fd6>] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921\n [<ffffffff83865ab6>] sock_sendmsg_nosec net/socket.c:714 [inline]\n [<ffffffff83865ab6>] sock_sendmsg+0x56/0x80 net/socket.c:734\n [<ffffffff8386601c>] ____sys_sendmsg+0x36c/0x390 net/socket.c:2482\n [<ffffffff8386a918>] ___sys_sendmsg+0xa8/0x110 net/socket.c:2536\n [<ffffffff8386aaa8>] __sys_sendmsg+0x88/0x100 net/socket.c:2565\n [<ffffffff845e5955>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n [<ffffffff845e5955>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nf_tables: limpia la lista de ganchos cuando falla la verificaci\u00f3n de indicadores de descarga, vuelve a unir la lista de ganchos para que nft_chain_release_hook() tenga la oportunidad de liberar los ganchos. ERROR: p\u00e9rdida de memoria objeto sin referencia 0xffff88810180b100 (tama\u00f1o 96): comunicaci\u00f3n \"syz-executor133\", pid 3619, jiffies 4294945714 (edad 12.690 s) volcado hexadecimal (primeros 32 bytes): 28 64 23 02 81 88 ff ff 28 64 02 81 88 ff ff (d#.....(d#..... 90 a8 aa 83 ff ff ff ff 00 00 b5 0f 81 88 ff ff ................ retroceso : [] kmalloc include/linux/slab.h:600 [en l\u00ednea] [] nft_netdev_hook_alloc+0x3b/0xc0 net/netfilter/nf_tables_api.c:1901 [] netdev net/netfilter/nf_tables_api. c:1998 [en l\u00ednea] [] nft_chain_parse_hook+0x33a/0x530 net/netfilter/nf_tables_api.c:2073 [] nf_tables_addchain.constprop.0+0x10b/0x950 f_tables_api.c:2218 [< ffffffff83a9c41b>] nf_tables_newchain+0xa8b/0xc60 net/netfilter/nf_tables_api.c:2593 [] nfnetlink_rcv_batch+0xa46/0xd20 net/netfilter/nfnetlink.c:517 [] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c: 638 [en l\u00ednea] [] nfnetlink_rcv+0x1f9/0x220 net/netfilter/nfnetlink.c:656 [] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [en l\u00ednea] [] emitir+0x397/ 0x4c0 net/netlink/af_netlink.c:1345 [] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921 [] sock_sendmsg_nosec net/socket.c:714 [en l\u00ednea] 65ab6>] sock_sendmsg+0x56/0x80 net/socket.c:734 [] ____sys_sendmsg+0x36c/0x390 net/socket.c:2482 [] ___sys_sendmsg+0xa8/0x110 36 [ ] __sys_sendmsg+0x88/0x100 net/socket.c:2565 [] do_syscall_x64 arch/x86/entry/common.c:50 [en l\u00ednea] [] do_syscall_64+0x35/0xb0 arch/x86/ent ry/com\u00fan .c:80 [] entrada_SYSCALL_64_after_hwframe+0x63/0xcd"}], "id": "CVE-2022-48691", "lastModified": "2024-05-23T20:34:05.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-03T15:15:07.887", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1ce55ec5cb7c573c983dffbe290b8d17caf1f157"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/77972a36ecc4db7fc7c68f0e80714263c5f03f65"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/910891a2a44cdc49efcc4fe7459c1085ba00d0f4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/94ed8eeb8d9aeb00e4f4e19b83a2e28b6442fbc5"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: netfilter: nf_tables: clean up hook list when offload flags check fails", "id": "2278948", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278948"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: nf_tables: clean up hook list when offload flags check fails\nsplice back the hook list so nft_chain_release_hook() has a chance to\nrelease the hooks.\nBUG: memory leak\nunreferenced object 0xffff88810180b100 (size 96):\ncomm \"syz-executor133\", pid 3619, jiffies 4294945714 (age 12.690s)\nhex dump (first 32 bytes):\n28 64 23 02 81 88 ff ff 28 64 23 02 81 88 ff ff (d#.....(d#.....\n90 a8 aa 83 ff ff ff ff 00 00 b5 0f 81 88 ff ff ................\nbacktrace:\n[<ffffffff83a8c59b>] kmalloc include/linux/slab.h:600 [inline]\n[<ffffffff83a8c59b>] nft_netdev_hook_alloc+0x3b/0xc0 net/netfilter/nf_tables_api.c:1901\n[<ffffffff83a9239a>] nft_chain_parse_netdev net/netfilter/nf_tables_api.c:1998 [inline]\n[<ffffffff83a9239a>] nft_chain_parse_hook+0x33a/0x530 net/netfilter/nf_tables_api.c:2073\n[<ffffffff83a9b14b>] nf_tables_addchain.constprop.0+0x10b/0x950 net/netfilter/nf_tables_api.c:2218\n[<ffffffff83a9c41b>] nf_tables_newchain+0xa8b/0xc60 net/netfilter/nf_tables_api.c:2593\n[<ffffffff83a3d6a6>] nfnetlink_rcv_batch+0xa46/0xd20 net/netfilter/nfnetlink.c:517\n[<ffffffff83a3db79>] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:638 [inline]\n[<ffffffff83a3db79>] nfnetlink_rcv+0x1f9/0x220 net/netfilter/nfnetlink.c:656\n[<ffffffff83a13b17>] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n[<ffffffff83a13b17>] netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345\n[<ffffffff83a13fd6>] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921\n[<ffffffff83865ab6>] sock_sendmsg_nosec net/socket.c:714 [inline]\n[<ffffffff83865ab6>] sock_sendmsg+0x56/0x80 net/socket.c:734\n[<ffffffff8386601c>] ____sys_sendmsg+0x36c/0x390 net/socket.c:2482\n[<ffffffff8386a918>] ___sys_sendmsg+0xa8/0x110 net/socket.c:2536\n[<ffffffff8386aaa8>] __sys_sendmsg+0x88/0x100 net/socket.c:2565\n[<ffffffff845e5955>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n[<ffffffff845e5955>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n[<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd"], "name": "CVE-2022-48691", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Under investigation", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48691\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48691"], "threat_severity": "Low", "upstream_fix": "kernel 5.10.143, kernel 5.15.68, kernel 5.19.9, kernel 6.0"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object