The flaw is in how nft_set_desc_concat_parse() handles negative values. It can lead to a denial of service if an application uses the function with a large number and a negative value when doing comparisons.

In addition, a race condition allows an attacker to run code on the system if an application uses the function with a large number and a negative value when doing comparisons to other values.

Red Hat has released a patch for its systems, which can be applied immediately. However, Red Hat recommends that all users update as soon as possible.

You can install the latest updates by running the following command in a terminal:
Red Hat recommends that all users update their systems to the latest available updates as soon as possible, as there are no known workarounds for this at this time.

References: https://www.redhat.com/archives/security-announce/2018/February/msg00010.html


http://www.zdnet.com/article/security-update-for-linux-users-to-patch-CVE-2022-2078/

Timeline

Published on: 06/30/2022 13:15:00 UTC
Last modified on: 08/05/2022 17:15:00 UTC

References