Cyber Resilience

CVE-2022-34918

High · Public PoC

Published: 04 July 2022

Modified: 21 November 2024
KEV Added: not listed
Patch: fix commit referenced (see Deeper analysis)
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.3863 (97.3rd percentile)
Risk Priority: 39 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-34918 is a high-severity Type Confusion (CWE-843) vulnerability in the Linux kernel. Its CVSS base score is 7.8 (High).

Operationally, it is ranked in the top 2.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; and a public proof-of-concept is referenced.

Deeper analysis

A type confusion vulnerability in the Linux kernel through version 5.18.9 affects the netfilter subsystem's nftables implementation. Specifically, an issue in the nft_set_elem_init function can trigger a buffer overflow, distinct from the earlier CVE-2022-32250 flaw. The root cause is addressed by changes to nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

A local attacker who first obtains CAP_NET_ADMIN via an unprivileged user namespace can exploit the flaw to escalate privileges and obtain root access on the system. The attack requires only local access with low privileges and no user interaction, corresponding to the CVSS 7.8 rating.

Kernel developers published a targeted fix in the netdev repository, distributions have issued live patches such as LSN-0089-1, and exploit details have circulated on the oss-security list. Administrators are advised to apply the referenced commit or subsequent stable kernel updates that backport the correction to nft_setelem_parse_data.
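The two preconditions the analysis describes are a kernel at or below 5.18.9 without the backported fix and an unprivileged user that can create a user namespace (and so gain CAP_NET_ADMIN inside it). The following host check is an added example, not material from the advisory page or from the kernel project; it assumes the upstream user.max_user_namespaces sysctl and the Debian/Ubuntu-specific kernel.unprivileged_userns_clone sysctl, and treats the version number only as an indicator, since distribution kernels backport fixes without changing the upstream version string.

```shell
#!/bin/sh
# Added example: quick exposure check for CVE-2022-34918 on the local host.
# Assumptions (not from the advisory): the affected range is "Linux kernel
# through 5.18.9"; the two sysctl knobs below are the upstream
# user.max_user_namespaces and the Debian/Ubuntu kernel.unprivileged_userns_clone.

# version_le A B: returns 0 (true) when dotted version A <= B.
# A distro suffix such as "-91-generic" is stripped before comparing.
version_le() {
    a=$(printf '%s' "$1" | sed 's/[^0-9.].*//')
    b=$(printf '%s' "$2" | sed 's/[^0-9.].*//')
    # Pad with ".0.0" so that "5" or "5.18" still yields three numeric fields.
    a="$a.0.0"
    b="$b.0.0"
    i=1
    while [ "$i" -le 3 ]; do
        x=$(printf '%s' "$a" | cut -d. -f"$i")
        y=$(printf '%s' "$b" | cut -d. -f"$i")
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        i=$((i + 1))
    done
    return 0
}

# affected_kernel VERSION: true when VERSION is within the range the advisory
# names (<= 5.18.9). A backported fix cannot be detected from the version alone.
affected_kernel() {
    version_le "$1" 5.18.9
}

# userns_unprivileged_enabled MAX_NS CLONE: true when unprivileged user
# namespaces appear to be allowed. Pass "" for a knob absent on this host.
#   MAX_NS = user.max_user_namespaces (0 disables namespace creation)
#   CLONE  = kernel.unprivileged_userns_clone (Debian/Ubuntu; 0 disables)
userns_unprivileged_enabled() {
    if [ "$1" = "0" ]; then return 1; fi
    if [ "$2" = "0" ]; then return 1; fi
    return 0
}

# read_sysctl PATH: print the value under /proc/sys/PATH, or nothing if absent.
read_sysctl() {
    if [ -r "/proc/sys/$1" ]; then cat "/proc/sys/$1"; else printf ''; fi
}

check_host() {
    kver=$(uname -r)
    if affected_kernel "$kver"; then
        echo "kernel $kver is within the advisory range (<= 5.18.9): confirm the nft_setelem_parse_data fix is backported"
    else
        echo "kernel $kver is newer than 5.18.9"
    fi
    if userns_unprivileged_enabled "$(read_sysctl user/max_user_namespaces)" \
                                   "$(read_sysctl kernel/unprivileged_userns_clone)"; then
        echo "unprivileged user namespaces enabled: a local user can reach CAP_NET_ADMIN in a child namespace"
    else
        echo "unprivileged user namespaces disabled: the precondition the advisory describes is closed"
    fi
}

check_host
```

Setting user.max_user_namespaces=0 (or kernel.unprivileged_userns_clone=0 where that knob exists) removes the CAP_NET_ADMIN precondition but also breaks rootless containers and some sandboxes, so it is a stopgap until the patched kernel is deployed, not a replacement for it.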

The EPSS score has reached a peak of 0.4027 with a current value of 0.3863, indicating moderate and sustained public interest in the issue after disclosure. Public proof-of-concept material has appeared on sites such as Packet Storm, underscoring the need for prompt patching on exposed systems.

EU & UK References

Vulnerability details

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

linux · linux kernel · 4.1 — 4.14.316, 4.15 — 4.19.284, 4.20 — 5.4.244
debian · debian linux · 11.0
canonical · ubuntu linux · 14.04, 16.04, 18.04, 20.04, 22.04
netapp · h300s firmware · all versions
netapp · h500s firmware · all versions
netapp · h700s firmware · all versions
netapp · h410s firmware · all versions
netapp · h410c firmware · all versions

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References