Severity
High
Analysis Summary
CVE-2022-25636
The Linux kernel could allow a local authenticated attacker to gain elevated privileges on the system because of a heap out-of-bounds write in the nft_fwd_dup_netdev_offload function in nf_dup_netdev.c. An authenticated attacker could exploit this vulnerability by executing a specially crafted program.
Impact
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2022-25636
Affected Vendors
Linux
Affected Products
- Linux Kernel 5.4
- Linux Kernel 5.5
- Linux Kernel 5.6.0
- Linux Kernel 5.7.0
Remediation
Refer to the Linux kernel Git repository for patch, upgrade, or suggested workaround information.
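A host-triage sketch for the Affected Products list above, added here as an example and not taken from the advisory or the kernel project. It assumes "5.4" and "5.5" mean the whole series and "5.6.0" and "5.7.0" mean exactly that release; the function names and the sample module list are constructed for illustration.

```shell
#!/bin/sh
# Added triage sketch for CVE-2022-25636; not code from the advisory.
# Assumption: "5.4"/"5.5" are whole series, "5.6.0"/"5.7.0" are exact releases.

# Return 0 if a release string (as printed by `uname -r`) matches the list.
kernel_in_advisory_list() {
    local base major minor patch rest
    base="${1%%-*}"               # drop distro suffix such as "-99-generic"
    IFS=. read -r major minor patch rest <<EOF
$base
EOF
    patch="${patch%%[!0-9]*}"     # "0+" -> "0"
    patch="${patch:-0}"           # "5.7" -> patch level 0
    case "$major.$minor" in
        5.4|5.5) return 0 ;;
        5.6|5.7) if [ "$patch" = "0" ]; then return 0; fi ;;
    esac
    return 1
}

# Return 0 if module $1 appears in /proc/modules-format text on stdin.
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }'
}

# Print a verdict for a kernel release ($1) and a module listing ($2).
# The nf_tables line is informational: the code can be built in or loaded later.
triage() {
    if ! kernel_in_advisory_list "$1"; then
        echo "not-listed"
    elif printf '%s\n' "$2" | module_loaded nf_tables; then
        echo "listed, nf_tables loaded"
    else
        echo "listed, nf_tables not loaded"
    fi
}

# Constructed sample input in /proc/modules format (not from a real host).
SAMPLE_MODULES='nf_tables 249856 1 nft_fwd_netdev, Live 0x0000000000000000
nft_fwd_netdev 16384 0 - Live 0x0000000000000000
ext4 806912 1 - Live 0x0000000000000000'

triage "5.4.0-99-generic" "$SAMPLE_MODULES"              # constructed host
triage "$(uname -r)" "$(cat /proc/modules 2>/dev/null)"  # this host
```

A version match is only a first filter: distribution kernels often carry backported fixes under an unchanged version number, so confirm against the vendor's changelog before treating a host as vulnerable or patched.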