{
  "threat_severity" : "Important",
  "public_date" : "2022-08-09T17:00:00Z",
  "bugzilla" : {
    "description" : "kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation",
    "id" : "2114849",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2114849"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-416",
  "details" : [ "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.", "A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly escalate their privileges." ],
  "acknowledgement" : "Red Hat would like to thank Zhenpeng Lin for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2022-11-02T00:00:00Z",
    "advisory" : "RHSA-2022:7338",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-1160.80.1.rt56.1225.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2022-11-02T00:00:00Z",
    "advisory" : "RHSA-2022:7337",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-1160.80.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2022-11-02T00:00:00Z",
    "advisory" : "RHSA-2022:7344",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support",
    "release_date" : "2022-10-25T00:00:00Z",
    "advisory" : "RHSA-2022:7146",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.4",
    "package" : "kernel-0:3.10.0-693.106.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)",
    "release_date" : "2022-10-25T00:00:00Z",
    "advisory" : "RHSA-2022:7171",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.6",
    "package" : "kernel-0:3.10.0-957.99.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Telco Extended Update Support",
    "release_date" : "2022-10-25T00:00:00Z",
    "advisory" : "RHSA-2022:7171",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.6",
    "package" : "kernel-0:3.10.0-957.99.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
    "release_date" : "2022-10-25T00:00:00Z",
    "advisory" : "RHSA-2022:7171",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.6",
    "package" : "kernel-0:3.10.0-957.99.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
    "release_date" : "2022-10-25T00:00:00Z",
    "advisory" : "RHSA-2022:7173",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.6",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Advanced Update Support",
    "release_date" : "2023-07-11T00:00:00Z",
    "advisory" : "RHSA-2023:4022",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.7",
    "package" : "kernel-0:3.10.0-1062.76.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Telco Extended Update Support",
    "release_date" : "2023-07-11T00:00:00Z",
    "advisory" : "RHSA-2023:4022",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.7",
    "package" : "kernel-0:3.10.0-1062.76.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions",
    "release_date" : "2023-07-11T00:00:00Z",
    "advisory" : "RHSA-2023:4022",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.7",
    "package" : "kernel-0:3.10.0-1062.76.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions",
    "release_date" : "2023-07-11T00:00:00Z",
    "advisory" : "RHSA-2023:4023",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.7",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-10-25T00:00:00Z",
    "advisory" : "RHSA-2022:7134",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-372.32.1.rt7.189.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-10-25T00:00:00Z",
    "advisory" : "RHSA-2022:7110",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-372.32.1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-10-25T00:00:00Z",
    "advisory" : "RHSA-2022:7137",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
    "release_date" : "2022-10-11T00:00:00Z",
    "advisory" : "RHSA-2022:6872",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.1",
    "package" : "kernel-0:4.18.0-147.76.1.el8_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
    "release_date" : "2022-10-11T00:00:00Z",
    "advisory" : "RHSA-2022:6875",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.1",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support",
    "release_date" : "2022-11-01T00:00:00Z",
    "advisory" : "RHSA-2022:7279",
    "cpe" : "cpe:/o:redhat:rhel_aus:8.2",
    "package" : "kernel-0:4.18.0-193.93.1.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
    "release_date" : "2022-11-01T00:00:00Z",
    "advisory" : "RHSA-2022:7280",
    "cpe" : "cpe:/a:redhat:rhel_tus:8.2::nfv",
    "package" : "kernel-rt-0:4.18.0-193.93.1.rt13.143.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
    "release_date" : "2022-11-01T00:00:00Z",
    "advisory" : "RHSA-2022:7279",
    "cpe" : "cpe:/o:redhat:rhel_tus:8.2",
    "package" : "kernel-0:4.18.0-193.93.1.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
    "release_date" : "2022-11-01T00:00:00Z",
    "advisory" : "RHSA-2022:7279",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.2",
    "package" : "kernel-0:4.18.0-193.93.1.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
    "release_date" : "2022-11-09T00:00:00Z",
    "advisory" : "RHSA-2022:7885",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.2",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support",
    "release_date" : "2022-10-18T00:00:00Z",
    "advisory" : "RHSA-2022:6991",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.4::nfv",
    "package" : "kernel-rt-0:4.18.0-305.65.1.rt7.137.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support",
    "release_date" : "2022-10-18T00:00:00Z",
    "advisory" : "RHSA-2022:6978",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.4",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support",
    "release_date" : "2022-10-18T00:00:00Z",
    "advisory" : "RHSA-2022:6983",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.4",
    "package" : "kernel-0:4.18.0-305.65.1.el8_4"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2022-09-19T00:00:00Z",
    "advisory" : "RHSA-2022:6551",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "redhat-virtualization-host-0:4.5.2-202209140405_8.6"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2022-10-25T00:00:00Z",
    "advisory" : "RHSA-2022:7110",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "kernel-0:4.18.0-372.32.1.el8_6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-2588\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-2588\nhttps://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u" ],
  "name" : "CVE-2022-2588",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}