CVE-2022-49293 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: initialize registers in nft_do_chain() Initialize registers to avoid stack leak into userspace.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/06f0ff82c70241a766a811ae1acf07d6e2734dcb
https://git.kernel.org/stable/c/2c74374c2e88c7b7992bf808d9f9391f7452f9d9
https://git.kernel.org/stable/c/4c905f6740a365464e91467aa50916555b28213d
https://git.kernel.org/stable/c/4d28522acd1c4415c85f6b33463713a268f68965
https://git.kernel.org/stable/c/64f24c76dd0ce53d0fa3a0bfb9aeea507c769485
https://git.kernel.org/stable/c/88791b79a1eb2ba94e95d039243e28433583a67b
https://git.kernel.org/stable/c/a3cc32863b175168283cb0a5fde08de6a1e27df9
https://git.kernel.org/stable/c/dd03640529204ef4b8189fbdea08217d8d98271f
https://git.kernel.org/stable/c/fafb904156fbb8f1dd34970cd5223e00b47c33be
https://lore.kernel.org/linux-cve-announce/2025022634-CVE-2022-49293-15b7@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-49293
https://www.cve.org/CVERecord?id=CVE-2022-49293

History

Thu, 27 Feb 2025 13:30:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025022634-CVE-2022-49293-15b7@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-49293 https://www.cve.org/CVERecord?id=CVE-2022-49293
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 26 Feb 2025 02:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: initialize registers in nft_do_chain() Initialize registers to avoid stack leak into userspace.
Title		netfilter: nf_tables: initialize registers in nft_do_chain()
References		https://git.kernel.org/stable/c/06f0ff82c70241a766a811ae1acf07d6e2734dcb https://git.kernel.org/stable/c/2c74374c2e88c7b7992bf808d9f9391f7452f9d9 https://git.kernel.org/stable/c/4c905f6740a365464e91467aa50916555b28213d https://git.kernel.org/stable/c/4d28522acd1c4415c85f6b33463713a268f68965 https://git.kernel.org/stable/c/64f24c76dd0ce53d0fa3a0bfb9aeea507c769485 https://git.kernel.org/stable/c/88791b79a1eb2ba94e95d039243e28433583a67b https://git.kernel.org/stable/c/a3cc32863b175168283cb0a5fde08de6a1e27df9 https://git.kernel.org/stable/c/dd03640529204ef4b8189fbdea08217d8d98271f https://git.kernel.org/stable/c/fafb904156fbb8f1dd34970cd5223e00b47c33be

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-02-26T01:56:29.033Z

Updated: 2025-05-04T08:34:24.805Z

Reserved: 2025-02-26T01:49:39.302Z

Link: CVE-2022-49293

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-02-26T07:01:06.140

Modified: 2025-02-26T07:01:06.140

Link: CVE-2022-49293

Redhat

Severity : Moderate

Publid Date: 2025-02-26T00:00:00Z

Links: CVE-2022-49293 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object