Netfilter nft_set_elem_init Heap Overflow Privilege Escalation

Posted by deepcore on September 29, 2022 – 5:41 am

An issue was discovered in the Linux kernel through version 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges. The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access. The issue exists in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Mobile Mouse Remote Code Execution EShop Joomla Shopping-Cart 3.6.0 Cross Site Scripting »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Netfilter nft_set_elem_init Heap Overflow Privilege Escalation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL