We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2022-48654

netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()



Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() nf_osf_find() incorrectly returns true on mismatch, this leads to copying uninitialized memory area in nft_osf which can be used to leak stale kernel stack data to userspace.

Reserved 2024-02-25 | Published 2024-04-28 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

22c7652cdaa8cd33ce78bacceb4e826a3f795873 before 721ea8ac063d70c2078c4e762212705de6151764
affected

22c7652cdaa8cd33ce78bacceb4e826a3f795873 before 5d75fef3e61e797fab5c3fbba88caa74ab92ad47
affected

22c7652cdaa8cd33ce78bacceb4e826a3f795873 before 816eab147e5c6f6621922b8515ad9010ceb1735e
affected

22c7652cdaa8cd33ce78bacceb4e826a3f795873 before 633c81c0449663f57d4138326d036dc6cfad674e
affected

22c7652cdaa8cd33ce78bacceb4e826a3f795873 before 559c36c5a8d730c49ef805a72b213d3bba155cc8
affected

Default status
affected

5.2
affected

Any version before 5.2
unaffected

5.4.215
unaffected

5.10.146
unaffected

5.15.71
unaffected

5.19.12
unaffected

6.0
unaffected

References

git.kernel.org/...c/721ea8ac063d70c2078c4e762212705de6151764

git.kernel.org/...c/5d75fef3e61e797fab5c3fbba88caa74ab92ad47

git.kernel.org/...c/816eab147e5c6f6621922b8515ad9010ceb1735e

git.kernel.org/...c/633c81c0449663f57d4138326d036dc6cfad674e

git.kernel.org/...c/559c36c5a8d730c49ef805a72b213d3bba155cc8

cve.org (CVE-2022-48654)

nvd.nist.gov (CVE-2022-48654)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2022-48654

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.