CVE-2022-50213

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-50213

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50213.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-50213

Downstream

DEBIAN-CVE-2022-50213

RHSA-2022:7683

RHSA-2022:8267

RHSA-2024:0724

RHSA-2024:3421

ROOT-OS-UBUNTU-2204-CVE-2022-50213

SUSE-SU-2025:02264-1

SUSE-SU-2025:02308-1

SUSE-SU-2025:02320-1

SUSE-SU-2025:02321-1

SUSE-SU-2025:02322-1

SUSE-SU-2025:02334-1

SUSE-SU-2025:02537-1

SUSE-SU-2025:2264-1

UBUNTU-CVE-2022-50213

Related

Published

2025-06-18T11:03:50.958Z

Modified

2026-04-11T12:44:55.022554Z

Summary

netfilter: nf_tables: do not allow SET_ID to refer to another table

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nftables: do not allow SETID to refer to another table

When doing lookups for sets on the same batch by using its ID, a set from a different table can be used.

Then, when the table is removed, a reference to the set may be kept after the set is freed, leading to a potential use-after-free.

When looking for sets by ID, use the table that was used for the lookup by name, and only return sets belonging to that same table.

This fixes CVE-2022-2586, also reported as ZDI-CAN-17470.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50213.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

958bee14d0718ca7a5002c0f48a099d1d345812a

Fixed

77d3b5038b7462318f5183e2ad704b01d57215a2

Fixed

fab2f61cc3b0e441b1749f017cfee75f9bbaded7

Fixed

1a4b18b1ff11ba26f9a852019d674fde9d1d1cff

Fixed

faafd9286f1355c76fe9ac3021c280297213330e

Fixed

f4fa03410f7c5f5bd8f90e9c11e9a8c4b526ff6f

Fixed

0d07039397527361850c554c192e749cfc879ea9

Fixed

470ee20e069a6d05ae549f7d0ef2bdbcee6a81b2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50213.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

3.16.0

Fixed

4.19.256

Type: ECOSYSTEM
Events: Introduced

4.20.0

Fixed

5.4.211

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.137

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.61

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

5.18.18

Type: ECOSYSTEM
Events: Introduced

5.19.0

Fixed

5.19.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50213.json"