CVE-2022-2078: An attacker can exploit a buffer overflow in the nft_set_desc_concat_parse() function to cause a denial of service and possibly run code in the kernel.
The flaw lies in how nft_set_desc_concat_parse() handles negative values. This can lead to a denial of service if an application uses the function with a large number and a negative value when doing comparisons.
In addition, a race condition allows an attacker to run code on the system if an application uses the function with a large number and a negative value when doing comparisons to other values.
Red Hat has released a patch for its systems, which can be applied immediately. Red Hat recommends that all users update as soon as possible.
You can install the latest updates by running the following command in terminal:
Red Hat recommends that all users update their systems to the latest available updates as soon as possible, as there are no known workarounds at this time.
Timeline
Published on: 06/30/2022 13:15:00 UTC
Last modified on: 08/05/2022 17:15:00 UTC