CVE-2022-48642

MEDIUM

Linux Kernel 5.3-5.9 - Use-After-Free in nf_tables_addchain

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain() It seems to me that percpu memory for chain stats started leaking since commit 3bc158f8d0330f0a ("netfilter: nf_tables: map basechain priority to hardware priority") when nft_chain_offload_priority() returned an error.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88

Patch

https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852

Patch

https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714

Patch

https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac

Scores

CVSS v3 5.5

EPSS 0.0023

EPSS Percentile 13.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (15)

linux/Kernel 5.11.0 - 5.15.71linux

linux/Kernel 5.16.0 - 5.19.12linux

linux/Kernel 5.3.0 - 5.10.146linux

Linux/Linux < 5.3

Linux/Linux 3bc158f8d0330f0ac58597c023acca2234c14616 - 08d7524f366a886b99b1630a24a27dd6e0d7f852

Linux/Linux 3bc158f8d0330f0ac58597c023acca2234c14616 - 985b031667c3177b9e7fb9787b989628e4271714

Linux/Linux 3bc158f8d0330f0ac58597c023acca2234c14616 - 9a4d6dd554b86e65581ef6b6638a39ae079b17ac

Linux/Linux 3bc158f8d0330f0ac58597c023acca2234c14616 - b043a525a3f5520abb676a7cd8f6328fdf959e88

Linux/Linux 5.10.146 - 5.10.*

Linux/Linux 5.15.71 - 5.15.*

... and 5 more

Published Apr 28, 2024

Tracked Since Feb 18, 2026