
An analysis of two new Linux vulnerabilities in nf_tables

Hey there! This post will be about two vulnerabilities I found in the nf_tables component of the netfilter subsystem in the Linux kernel.

  • CVE-2022-1015 is an out-of-bounds access caused by insufficient validation of input arguments; it can lead to arbitrary code execution and, by extension, local privilege escalation.
  • CVE-2022-1016 is a related issue: insufficient initialization of a stack variable, which can be used to leak a large variety of kernel data to userspace.
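
As an added illustration of the bug class named in the first bullet (example code written for this page, not the author's PoC and not the kernel's code): a simplified model of a register-number check that can be wrapped around by a large attacker-chosen value, next to a version that rejects unknown register numbers before doing any arithmetic on them. The register constants and the 80-byte data array are assumed from the upstream nf_tables layout; the function names and the 0x40000003 input are hypothetical and chosen only to make the 32-bit wrap visible.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Register layout constants, assumed from the upstream nf_tables uapi header. */
#define NFT_REG_VERDICT    0u
#define NFT_REG_1          1u
#define NFT_REG_4          4u
#define NFT_REG32_00       8u
#define NFT_REG32_15       23u
#define NFT_REG_SIZE       16u   /* bytes in a legacy 128-bit register */
#define NFT_REG32_SIZE     4u    /* bytes in a 32-bit register */
#define NFT_REGS_DATA_SIZE 80u   /* assumed sizeof_field(struct nft_regs, data): 20 slots */

/* Netlink register number -> 32-bit slot index. Hypothetical model of a
 * conversion with no range check: huge inputs simply wrap around. */
static uint32_t parse_register_buggy(uint32_t reg)
{
    if (reg <= NFT_REG_4)
        return reg * NFT_REG_SIZE / NFT_REG32_SIZE;            /* 0, 4, 8, 12, 16 */
    return reg + NFT_REG_SIZE / NFT_REG32_SIZE - NFT_REG32_00; /* reg - 4, may wrap */
}

/* Bounds check done on the converted index. Because the index is not yet known
 * to be small, reg * 4 + len is evaluated in 32 bits and can wrap. */
static int validate_register_load(uint32_t reg, uint32_t len)
{
    if (reg < NFT_REG_1 * NFT_REG_SIZE / NFT_REG32_SIZE)   /* below first data slot */
        return -EINVAL;
    if (len == 0)
        return -EINVAL;
    if ((uint32_t)(reg * NFT_REG32_SIZE + len) > NFT_REGS_DATA_SIZE)
        return -ERANGE;
    return 0;
}

/* Buggy expression init: parse, check, then store the index into a u8 field. */
int expr_init_buggy(uint32_t nl_reg, uint32_t len, uint8_t *sreg)
{
    uint32_t reg = parse_register_buggy(nl_reg);
    int err = validate_register_load(reg, len);
    if (err)
        return err;
    *sreg = (uint8_t)reg;   /* truncation: only the low byte of the index survives */
    return 0;
}

/* Hardened conversion: anything outside the documented register numbers is
 * rejected before any arithmetic happens, so the later check cannot wrap. */
static int parse_register_fixed(uint32_t reg, uint32_t *slot)
{
    if (reg <= NFT_REG_4) {
        *slot = reg * NFT_REG_SIZE / NFT_REG32_SIZE;
        return 0;
    }
    if (reg >= NFT_REG32_00 && reg <= NFT_REG32_15) {
        *slot = reg + NFT_REG_SIZE / NFT_REG32_SIZE - NFT_REG32_00;
        return 0;
    }
    return -ERANGE;
}

int expr_init_fixed(uint32_t nl_reg, uint32_t len, uint8_t *sreg)
{
    uint32_t reg;
    int err = parse_register_fixed(nl_reg, &reg);
    if (err)
        return err;
    err = validate_register_load(reg, len);  /* slot is 0..19 here, no wrap possible */
    if (err)
        return err;
    *sreg = (uint8_t)reg;
    return 0;
}

/* Byte offset into the register file that an expression using sreg would touch. */
uint32_t register_byte_offset(uint8_t sreg)
{
    return (uint32_t)sreg * NFT_REG32_SIZE;
}

/* Convenience wrapper: the stored slot index on success, or the negative errno. */
int init_result(int (*init)(uint32_t, uint32_t, uint8_t *), uint32_t nl_reg, uint32_t len)
{
    uint8_t sreg = 0;
    int err = init(nl_reg, len, &sreg);
    return err ? err : (int)sreg;
}

int main(void)
{
    /* Constructed attacker input: 0x40000003 - 4 = 0x3fffffff, and
     * 0x3fffffff * 4 + 4 wraps to 0, so the buggy check accepts it. */
    int buggy = init_result(expr_init_buggy, 0x40000003u, 4);
    int fixed = init_result(expr_init_fixed, 0x40000003u, 4);
    printf("buggy: slot %d, byte offset %u (data size %u)\n",
           buggy, register_byte_offset((uint8_t)buggy), NFT_REGS_DATA_SIZE);
    printf("fixed: err %d\n", fixed);
    return 0;
}
```

The point of the second path is ordering: the range of the register number is pinned down first, and only then is the byte arithmetic done, so the truncating store into a u8 can never carry an index the bounds check has not actually seen.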

These issues should be exploitable on default configurations of the latest Ubuntu and RHEL. I wrote my CVE-2022-1015 PoC targeting Arch Linux, kernel version 5.16-rc3.

You can find the original oss-security report here. There has been substantial discussion regarding the report on Hacker News and Reddit.

This post is geared towards people with at least an elementary understanding of the Linux kernel in terms of functionality and security.


Posted by SH
