CVE-2022-1055

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-1055
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1055.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-1055
Aliases
Downstream
Related
Published
2022-03-29T15:15:08.207Z
Modified
2026-02-11T13:25:54.856970Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A use-after-free exists in the Linux Kernel in tcnewtfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
Introduced
e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd
Fixed
04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

Affected versions

v5.*
v5.1
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17-rc1
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

Database specific

vanir_signatures 
[
    {
        "target": {
            "function": "tc_ctl_chain",
            "file": "net/sched/cls_api.c"
        },
        "id": "CVE-2022-1055-0d272d7c",
        "deprecated": false,
        "digest": {
            "length": 2735.0,
            "function_hash": "208607899164322792714159143420444934249"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
        "signature_version": "v1"
    },
    {
        "target": {
            "function": "tc_new_tfilter",
            "file": "net/sched/cls_api.c"
        },
        "id": "CVE-2022-1055-4b9ba439",
        "deprecated": false,
        "digest": {
            "length": 4678.0,
            "function_hash": "178796475389914911248992096641667054224"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
        "signature_version": "v1"
    },
    {
        "target": {
            "file": "net/sched/cls_api.c"
        },
        "id": "CVE-2022-1055-f3d860f4",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "114582208524191100068801051182375898900",
                "245124090354377403517561226257590004580",
                "324895983307023276992985636822394908697",
                "205145797718397210712298326189860940709",
                "294198230286196164234311107061426157146",
                "106172002849105992604648227984231845222",
                "198752099882769396723786598238265217616",
                "196022374237816518951271989440211532509",
                "92054165616269222931226788307148863512",
                "196064591378318602289432638370281878786",
                "314828004324629693525478658064701487492",
                "209295838266991765155392726298227578793",
                "15853571048400435140423496515432837328",
                "125928847955747437316038484316831429802",
                "167238410173122410235218670824863855745",
                "242591876906919431162088062873375356706",
                "240087994332958606119797311196520090639",
                "272294750109687271921859446119060398342",
                "314133306087273616449417108445832237115"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
        "signature_version": "v1"
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1055.json"