The Linux core revealed several vulnerabilities caused by the appeal to the already released areas of memory and allowing a local user to increase their privileges in the system. For all problems under consideration, working prototypes of exploites have been created, which will be published a week after the publication of information about vysimity. Patches with the elimination of problems were sent to the developers of the Linux nucleus.
- cve-2022-2588 -vulnerability in the implementation of the CLS_ROUTE filter caused An error, due to which, when processing a zero descriptor, the old filter was not removed from a hash table until the memory is cleaned. Vulnerability is present from the release of 2.6.12-RC2. To conduct an attack, the availability of CAP_NET_ADMIN rights is required, which can be obtained if there is access to the creation of network namespace spaces or user identifiers (user Namespace). As a bypass protection path, you can turn off the CLS_ROUTE module through adding to modprobe.conf the lines ‘Install Cls_rute/Bin/True’.
- CVE-2022-2586 -Netfilter subsystem in the NF_TABLES module ensuring the operation of the NFTABALS package filter. The problem is caused by the fact that the NFT object can refer to SET-list in another table, which leads to an appeal to the released area of memory after removing this table. Vulnerability is present from the release of 3.16-RC1. To conduct an attack, the availability of CAP_NET_ADMIN rights is required, which can be obtained if there is access to the creation of network namespace spaces or user identifiers (user Namespace).
- CVE-2022-2585 -vulnerability to Posix CPU Timer caused The fact that when calling from a non -leading thread, the timer structure remains in the list, despite the cleaning of memory allocated for storage. Vulnerability is present from the release of 3.16-RC1.
/Media reports.