5.5
CVE-2022-49561
- EPSS 0.05%
- Veröffentlicht 26.02.2025 07:01:31
- Zuletzt bearbeitet 24.10.2025 15:50:35
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
netfilter: conntrack: re-fetch conntrack after insertion
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: re-fetch conntrack after insertion In case the conntrack is clashing, insertion can free skb->_nfct and set skb->_nfct to the already-confirmed entry. This wasn't found before because the conntrack entry and the extension space used to free'd after an rcu grace period, plus the race needs events enabled to trigger.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.7 < 4.14.282
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.246
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.197
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.120
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.45
Linux ≫ Linux Kernel Version >= 5.16 < 5.17.13
Linux ≫ Linux Kernel Version >= 5.18 < 5.18.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.164 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|