Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2022-32250

Description

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

POC

Reference

- http://www.openwall.com/lists/oss-security/2022/06/03/1

- http://www.openwall.com/lists/oss-security/2022/08/25/1

- http://www.openwall.com/lists/oss-security/2022/09/02/9

- https://blog.theori.io/research/CVE-2022-32250-linux-kernel-lpe-2022/

- https://bugzilla.redhat.com/show_bug.cgi?id=2092427

- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/net/netfilter?id=520778042ccca019f3ffa136dd0ca565c486cedd

- https://www.openwall.com/lists/oss-security/2022/05/31/1

Github

- https://github.com/0xor0ne/awesome-list

- https://github.com/ARPSyndicate/cvemon

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/Decstor5/2022-32250LPE

- https://github.com/EGI-Federation/SVG-advisories

- https://github.com/GhostTroops/TOP

- https://github.com/HaxorSecInfec/autoroot.sh

- https://github.com/Jalexander798/JA_Tools-Cybersecurity-Resource-2

- https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits

- https://github.com/Kristal-g/CVE-2022-32250

- https://github.com/KuanKuanQAQ/cve-testing

- https://github.com/Mr-xn/Penetration_Testing_POC

- https://github.com/NaInSec/CVE-PoC-in-GitHub

- https://github.com/PsychoH4x0r/Unknown1337-Auto-Root-

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/SYRTI/POC_to_review

- https://github.com/Snoopy-Sec/Localroot-ALL-CVE

- https://github.com/Trickhish/automated_privilege_escalation

- https://github.com/WhooAmii/POC_to_review

- https://github.com/XinLiu2025/openkylinsat

- https://github.com/a-roshbaik/Linux-Privilege-Escalation-Exploits

- https://github.com/bachkhoasoft/awesome-list-ks

- https://github.com/bsauce/kernel-exploit-factory

- https://github.com/bsauce/kernel-security-learning

- https://github.com/felixfu59/kernel-hack

- https://github.com/g3un/cve-2022-32250

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/kdn111/linux-kernel-exploitation

- https://github.com/khanhdn111/linux-kernel-exploitation

- https://github.com/khanhdz-06/linux-kernel-exploitation

- https://github.com/khanhdz191/linux-kernel-exploitation

- https://github.com/khanhhdz/linux-kernel-exploitation

- https://github.com/khanhhdz06/linux-kernel-exploitation

- https://github.com/khanhnd123/linux-kernel-exploitation

- https://github.com/khnhdz/linux-kernel-exploitation

- https://github.com/knd06/linux-kernel-exploitation

- https://github.com/lions2012/Penetration_Testing_POC

- https://github.com/manas3c/CVE-POC

- https://github.com/ndk06/linux-kernel-exploitation

- https://github.com/ndk191/linux-kernel-exploitation

- https://github.com/nisadevi11/Localroot-ALL-CVE

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/seadragnol/CVE-2022-32250

- https://github.com/seadragnol/nf_tables_pocs

- https://github.com/shakystar/qemu-wsl-kit

- https://github.com/ssr-111/linux-kernel-exploitation

- https://github.com/substing/internal_ctf

- https://github.com/sumin-world/linux-kernel-exploits

- https://github.com/theori-io/CVE-2022-32250-exploit

- https://github.com/trhacknon/Pocingit

- https://github.com/vlain1337/auto-lpe

- https://github.com/whoforget/CVE-POC

- https://github.com/wkhnh06/linux-kernel-exploitation

- https://github.com/xairy/linux-kernel-exploitation

- https://github.com/xuetusummer/Penetration_Testing_POC

- https://github.com/youwizard/CVE-POC

- https://github.com/ysanatomic/CVE-2022-32250-LPE

- https://github.com/zecool/cve