Sophos cybersecurity researcher Nick Gregory has discovered a dangerous vulnerability in the Linux kernel. Exploiting the problem allows a local attacker to elevate privileges on vulnerable systems, execute arbitrary code, escape from containers, or cause a “kernel panic”.
The off-heap write vulnerability (CVE-2022-25636) was rated 7.8 out of 10 on the CVSS scale and affects Linux kernel versions 5.4 to 5.6.10. The problem is contained in the Netfilter firewall module in the Linux kernel.
Netfilter is a framework provided by the Linux kernel that allows you to perform various network-related operations, including packet filtering, network address translation, and port translation.
In particular, CVE-2022-25636 refers to a problem with incorrect processing of the platform’s hardware unloading function, which can be used by a local attacker to invoke a denial of service (DoS) state or execute arbitrary code.