CVE-2022-2586

MEDIUM KEV

NFT - Use After Free

Description

It was discovered that an nft object or expression could reference an nft set on a different nft table, leading to a use-after-free once that table was deleted.

Exploits (4)

nomisec WORKING POC 20 stars
by aels · local
https://github.com/aels/CVE-2022-2586-LPE

nomisec WORKING POC 3 stars
by sniper404ghostxploit · local
https://github.com/sniper404ghostxploit/CVE-2022-2586

vulncheck_xdb WORKING POC
local
https://github.com/greek0x0/2022-LPE-UAF

Scores

CVSS v3 5.3
EPSS 0.0222
EPSS Percentile 84.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

Details

CISA KEV 2024-06-26
VulnCheck KEV 2024-06-19
InTheWild.io 2024-06-22
ENISA EUVD EUVD-2022-34835
CWE CWE-416
Status published
Products (7)
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 20.04
canonical/ubuntu_linux 22.04
linux/linux_kernel 6.0
linux/linux_kernel < 5.19.17
Published Jan 08, 2024
KEV Added Jun 26, 2024
Tracked Since Feb 18, 2026