
Linux kernel local privilege escalation vulnerability (CVE-2022-25636)


Today, I received an email from Tencent Cloud, reminding me that there is a high-risk vulnerability in a VPS. I quickly opened the email to deal with it. It has been repaired, and I would like to share it here. Generally speaking, the system and kernel should be upgraded to the latest version to prevent many security problems.

1. Vulnerability description

  1. Vulnerability name: Linux kernel local privilege escalation vulnerability (CVE-2022-25636)
  2. Vulnerability tag: must-fix vulnerability
  3. Local exploitation: PoC exists
  4. Vulnerability type: Linux software vulnerability
  5. Threat level: high risk
  6. CVE No.: CVE-2022-25636
  7. Disclosure time: February 22, 2022
  8. Vulnerability description: An out-of-bounds (OOB) memory access flaw, caused by a heap out-of-bounds write, was found in nft_fwd_dup_netdev_offload in net/netfilter/nf_dup_netdev.c, in the netfilter subcomponent of the Linux kernel. This vulnerability allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a privilege escalation threat.

2. Repair plan

It is recommended to use the official update packages released for your distribution (compiling and upgrading the kernel directly from source may pose compatibility risks).

Debian users (a reboot is required for the upgrade to take effect):

Upgrade kernel version:

 sudo apt-get update && sudo apt-get install --only-upgrade linux-image-amd64 && sudo update-grub

1) Users of bullseye are recommended to upgrade to version 5.10.103-1. Command to view the kernel version:

 sudo dpkg -l linux-image-amd64

Ubuntu users (a reboot is required for the upgrade to take effect):

Upgrade kernel version:

 sudo apt-get update && sudo apt-get install --only-upgrade linux-image-generic && sudo update-grub

1) Users of 20.04 are recommended to upgrade to version 5.4.0-104.118. Command to view the kernel version:

 sudo dpkg -l linux-image-generic

Temporary mitigation measures:

 sudo sysctl kernel.unprivileged_userns_clone=0

If a server is found to be vulnerable, it is recommended to take snapshot backups of the relevant hosts immediately to avoid losses.
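Because the upgrade only takes effect after a reboot, checking the installed package alone is not enough. The following added example (not from the original article) reads the package version of the booted kernel and compares it with the fixed versions quoted above; the function names, the `uname -v` and `/proc/version_signature` string formats, and the `sort -V` fallback are assumptions of this example.

```bash
#!/bin/sh
# Added example (not from the article): does the *running* kernel carry the fix?
# Fixed versions below are the ones quoted in the article.
FIXED_DEBIAN_BULLSEYE="5.10.103-1"
FIXED_UBUNTU_2004="5.4.0-104.118"

# version_ge A B: succeed if A >= B. Uses dpkg's ordering when available;
# the sort -V fallback only approximates that ordering (assumption).
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
    else
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
    fi
}

# running_pkg_version UNAME_V SIGNATURE: print the package version of the booted
# kernel. Debian embeds it in `uname -v`, Ubuntu in /proc/version_signature.
# Constructed samples: "#1 SMP Debian 5.10.92-1 (2022-01-18)"
#                      "Ubuntu 5.4.0-104.118-generic 5.4.174"
running_pkg_version() {
    case "$1" in
        *"Debian "*) printf '%s\n' "$1" | sed -n 's/.*Debian \([^ ]*\).*/\1/p' ;;
        *) printf '%s\n' "$2" | sed -n 's/^Ubuntu \([^ ]*\)-[a-z][a-z0-9]* .*/\1/p' ;;
    esac
}

# check_kernel FIXED UNAME_V SIGNATURE: print a verdict.
# Returns 0 = fixed, 1 = still vulnerable, 2 = version not recognised.
check_kernel() {
    _running=$(running_pkg_version "$2" "$3")
    if [ -z "$_running" ]; then
        echo "unknown: could not parse running kernel version"; return 2
    fi
    if version_ge "$_running" "$1"; then
        echo "fixed: running $_running >= $1"; return 0
    fi
    echo "vulnerable: running $_running < $1 (upgrade, then reboot)"; return 1
}

# Live use: pass the fixed version for your release as the first argument,
# e.g.  sh check.sh 5.4.0-104.118   (the script name is hypothetical).
if [ "$#" -ge 1 ]; then
    check_kernel "$1" "$(uname -v)" "$(cat /proc/version_signature 2>/dev/null)"
    # Temporary mitigation from the article: 0 = unprivileged user namespaces off.
    echo "userns_clone=$(sysctl -n kernel.unprivileged_userns_clone 2>/dev/null || echo n/a)"
fi
```

A value set with `sysctl` on the command line applies to the running system only and is lost at the next reboot.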

Reference link: http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202202-1743

Copyright notice: This article is licensed under the Creative Commons Attribution 4.0 International License [BY-NC-SA]
Article link: https://oldtang.com/13475.html