Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2022-36946

Published: 27/07/2022 Updated: 25/03/2024
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Linux

Vulnerability Summary

nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel up to and including 5.18.14 allows remote malicious users to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

debian debian linux 10.0

debian debian linux 11.0

netapp solidfire \\& hci management node -

netapp active iq unified manager -

netapp hci compute node -

netapp solidfire \\& hci storage node -

netapp solidfire enterprise sds -

Vendor Advisories

Debian Security Advisories: DSA-5207-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2022-2585 A use-after-free flaw in the implementation of POSIX CPU timers may result in denial of service or in local privilege escalation CVE-2022-2586 A use-after-free in the Netfilter ...
Red Hat: Moderate: kernel security, bug fix, and enhancement update
Synopsis Moderate: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated th ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Product Securit ...
Red Hat: Moderate: Logging Subsystem 5.5.5 - Red Hat OpenShift security update
Synopsis Moderate: Logging Subsystem 555 - Red Hat OpenShift security update Type/Severity Security Advisory: Moderate Topic Logging Subsystem 555 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Red Hat: Important: Red Hat Advanced Cluster Management 2.6.3 security update
Synopsis Important: Red Hat Advanced Cluster Management 263 security update Type/Severity Security Advisory: Important Topic Red Hat Advanced Cluster Management for Kubernetes 263 GeneralAvailability release images, which provide security updates, fix bugs, and update container imagesRed Hat Product Security has rated this update as havi ...
Red Hat: Moderate: kernel-rt security and bug fix update
Synopsis Moderate: kernel-rt security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this updat ...
Red Hat: Moderate: kernel-rt security and bug fix update
Synopsis Moderate: kernel-rt security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this updat ...
Red Hat: Moderate: Openshift Logging 5.3.14 bug fix release and security update
Synopsis Moderate: Openshift Logging 5314 bug fix release and security update Type/Severity Security Advisory: Moderate Topic Openshift Logging Bug Fix Release (5314)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Amazon Linux AMI: ALAS-2022-1636
An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data This flaw allows a local user to crash or potentially escalate their privileges on the system (CVE-2021-33655) A vulnerability was found in the Linux kernel's ...
Red Hat:
nfqnl_mangle in net/netfilter/nfnetlink_queuec in the Linux kernel through 51814 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len ...
Ubuntu Security Notice: USN-5639-1: Linux kernel (Azure CVM) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5635-1: Linux kernel (GKE) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5647-1: Linux kernel (GCP) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5683-1: Linux kernel (IBM) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5623-1: Linux kernel (HWE) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5624-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5660-1: Linux kernel (GCP) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5654-1: Linux kernel (GKE) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5622-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5655-1: Linux kernel (Intel IoTG) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5633-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5621-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5630-1: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5648-1: Linux kernel (GKE) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5650-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5644-1: Linux kernel (GCP) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5640-1: Linux kernel (Oracle) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5580-1: Linux kernel (AWS) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5652-1: Linux kernel (Azure) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Arch Linux Issues:
nfqnl_mangle in net/netfilter/nfnetlink_queuec allows remote attackers to cause a denial of service in the case of a nf_queue verdict with a one-byte nfta_payload attribute skb_pull can encounter a negative skb->len ...
Amazon Linux 2: ALAS2KERNEL-5.10-2022-019
A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled (CVE-2022-21505) A flaw was found in hw Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions (CVE-2022-23816) A flaw was fou ...
Amazon Linux 2: ALAS2KERNEL-5.15-2022-007
An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function This flaw allows a local user to crash the system or read unauthorized random data from memory ...
Amazon Linux 2: ALAS2-2022-1838
A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages This flaw allows a local user to crash or potentially escalate their privileges on the system (CVE-2022-1679) A flaw was found in the Linux kernel's KVM when attempt ...
Amazon Linux 2: ALAS2-2022-1852
An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data This flaw allows a local user to crash or potentially escalate their privileges on the system (CVE-2021-33655) A vulnerability was found in the Linux kernel's ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-034
An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data This flaw allows a local user to crash or potentially escalate their privileges on the system (CVE-2021-33655) A bug in the IMA subsystem was discovered which ...
Amazon Linux 2022: ALAS2022-2022-150
A flaw was found in the Linux kernel The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV) (CVE-2022-0171) An out-of-bounds read flaw was found in the Linux kernel's TeleT ...

Github Repositories

https://github.com/nik012003/nik012003

hey, that's me :p

✨ Hello there ✨ I'm Nicola (any pronouns) and I like cats 🐱 , open source software 🖥️ and linux 🐧! These are some of the projects I've worked on 🔭: ripdrag: Drag and Drop utilty written in Rust and GTK4 firegex: web application firewall for CTF Attack-Defence competitions protostar: application launcher for StardustXR CVE-2022-36946: vulnerability f

https://github.com/Pwnzer0tt1/CVE-2022-36946

CVE-2022-36946 linux kernel panic in netfilter_queue

CVE-2022-36946 Reported-by: Domingo Dirutigliano and Nicola Guerrera While we were working on firegex, our application firewall for CTF Attack-Defence competitions, we stumbled upon a few kernel panics This strange behavour was than isolated and anlayzed, leading to the dicovery of this potential security flaw in the netfilter module, specifically with nfnetlink How does it w

References

NVD-CWE-noinfohttps://marc.info/?l=netfilter-devel&m=165883202007292&w=2https://www.debian.org/security/2022/dsa-5207https://security.netapp.com/advisory/ntap-20220901-0007/https://lists.debian.org/debian-lts-announce/2022/09/msg00011.htmlhttps://lists.debian.org/debian-lts-announce/2022/10/msg00000.htmlhttps://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164https://www.debian.org/security/2022/dsa-5207https://nvd.nist.govhttps://github.com/nik012003/nik012003https://ubuntu.com/security/notices/USN-5639-1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook