CVE-2022-50213

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-50213
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50213.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-50213
Downstream
Related
Published
2025-06-18T11:03:50.958Z
Modified
2026-03-12T03:26:17.158812Z
Summary
netfilter: nf_tables: do not allow SET_ID to refer to another table
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nftables: do not allow SETID to refer to another table

When doing lookups for sets on the same batch by using its ID, a set from a different table can be used.

Then, when the table is removed, a reference to the set may be kept after the set is freed, leading to a potential use-after-free.

When looking for sets by ID, use the table that was used for the lookup by name, and only return sets belonging to that same table.

This fixes CVE-2022-2586, also reported as ZDI-CAN-17470.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50213.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
958bee14d0718ca7a5002c0f48a099d1d345812a
Fixed
77d3b5038b7462318f5183e2ad704b01d57215a2
Fixed
fab2f61cc3b0e441b1749f017cfee75f9bbaded7
Fixed
1a4b18b1ff11ba26f9a852019d674fde9d1d1cff
Fixed
faafd9286f1355c76fe9ac3021c280297213330e
Fixed
f4fa03410f7c5f5bd8f90e9c11e9a8c4b526ff6f
Fixed
0d07039397527361850c554c192e749cfc879ea9
Fixed
470ee20e069a6d05ae549f7d0ef2bdbcee6a81b2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50213.json"