CVE-2022-1016

一、漏洞信息
 漏洞编号：[CVE-2022-1016](https://nvd.nist.gov/vuln/detail/CVE-2022-1016)
 漏洞归属组件：[kernel](https://gitee.com/src-openeuler/kernel)
 漏洞归属的版本：4.19.140,4.19.194,4.19.90,5.10.0,5.14,5.15
 CVSS V3.0分值：
  BaseScore：5.5 Medium
  Vector：CVSS：3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
 漏洞简述：
  A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle  return  with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.
 漏洞公开时间：2022-08-29 23:15:00
 漏洞创建时间：2022-04-02 10:55:12
 漏洞详情参考链接：
  https://nvd.nist.gov/vuln/detail/CVE-2022-1016
<details>
<summary>更多参考(点击展开)</summary>

| 参考来源 | 参考链接 | 来源链接 |
| ------- | -------- | -------- |
| nvd | https://seclists.org/oss-sec/2022/q1/205 |  |
| nvd | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |  |
| nvd | https://access.redhat.com/security/cve/CVE-2022-1016 |  |
| nvd | http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/ |  |
| redhat | https://access.redhat.com/security/cve/CVE-2022-1016 |  |
| redhat_bugzilla | https://access.redhat.com/errata/RHSA-2022:7444 | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |
| redhat_bugzilla | https://access.redhat.com/errata/RHSA-2022:7683 | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |
| redhat_bugzilla | https://access.redhat.com/errata/RHSA-2022:7933 | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |
| redhat_bugzilla | https://access.redhat.com/errata/RHSA-2022:8267 | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |
| redhat_bugzilla | https://access.redhat.com/security/cve/cve-2022-1016 | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |
| ubuntu | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1016 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://www.openwall.com/lists/oss-security/2022/03/28/5 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://ubuntu.com/security/notices/USN-5381-1 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://ubuntu.com/security/notices/USN-5383-1 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://ubuntu.com/security/notices/USN-5390-1 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://ubuntu.com/security/notices/USN-5390-2 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://ubuntu.com/security/notices/USN-5415-1 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://ubuntu.com/security/notices/USN-5466-1 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://nvd.nist.gov/vuln/detail/CVE-2022-1016 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://launchpad.net/bugs/cve/CVE-2022-1016 | https://ubuntu.com/security/CVE-2022-1016 |
| ubuntu | https://security-tracker.debian.org/tracker/CVE-2022-1016 | https://ubuntu.com/security/CVE-2022-1016 |
| debian |  | https://security-tracker.debian.org/tracker/CVE-2022-1016 |
| oracle |  | https://www.oracle.com/security-alerts/ovmbulletinapr2022.html |
| anolis |  | https://anas.openanolis.cn/cves/detail/CVE-2022-1016 |
| cve_search |  | https://seclists.org/oss-sec/2022/q1/205 |
| cve_search |  | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |
| cve_search |  | https://access.redhat.com/security/cve/CVE-2022-1016 |
| cve_search |  | http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/ |
| mageia |  | http://advisories.mageia.org/MGASA-2022-0122.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-1015.html | https://alas.aws.amazon.com/ALAS-2022-1577.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-1016.html | https://alas.aws.amazon.com/ALAS-2022-1577.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2257.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2264.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2284.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2285.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2286.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2287.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2288.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2289.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2304.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2343.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2344.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2345.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2816.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2817.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-2819.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| amazon_linux | https://alas.aws.amazon.com/cve/html/CVE-2022-3037.html | https://alas.aws.amazon.com/ALAS-2022-1639.html |
| oracle |  | https://www.oracle.com/security-alerts/linuxbulletinapr2022.html |
| redhat_bugzilla | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |  |
| ubuntu | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1016 |  |
| ubuntu | https://www.openwall.com/lists/oss-security/2022/03/28/5 |  |
| ubuntu | https://ubuntu.com/security/notices/USN-5381-1 |  |
| ubuntu | https://ubuntu.com/security/notices/USN-5383-1 |  |
| ubuntu | https://ubuntu.com/security/notices/USN-5390-1 |  |
| ubuntu | https://ubuntu.com/security/notices/USN-5390-2 |  |
| ubuntu | https://ubuntu.com/security/notices/USN-5415-1 |  |
| ubuntu | https://ubuntu.com/security/notices/USN-5466-1 |  |
| ubuntu | https://nvd.nist.gov/vuln/detail/CVE-2022-1016 |  |
| ubuntu | https://launchpad.net/bugs/cve/CVE-2022-1016 |  |
| ubuntu | https://security-tracker.debian.org/tracker/CVE-2022-1016 |  |
| debian | https://security-tracker.debian.org/tracker/CVE-2022-1016 |  |
| oracle | https://www.oracle.com/security-alerts/linuxbulletinapr2022.html |  |
| anolis | https://anas.openanolis.cn/cves/detail/CVE-2022-1016 |  |
| cve_search | https://seclists.org/oss-sec/2022/q1/205 |  |
| cve_search | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |  |
| cve_search | https://access.redhat.com/security/cve/CVE-2022-1016 |  |
| cve_search | http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/ |  |
| nvd | https://seclists.org/oss-sec/2022/q1/205 |  |
| nvd | https://bugzilla.redhat.com/show_bug.cgi?id=2066614 |  |
| nvd | https://access.redhat.com/security/cve/CVE-2022-1016 |  |
| nvd | http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/ |  |

</details>

漏洞分析指导链接：
  https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
 漏洞数据来源:
  其它
 漏洞补丁信息：
  <details>
<summary>详情(点击展开)</summary>

| 影响的包 | 修复版本 | 修复补丁 | 问题引入补丁 | 来源  |
| ------- | -------- | ------- | -------- | --------- |
| linux_kernel | 4.14.274 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=a3cc32863b175168283cb0a5fde08de6a1e27df9 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 4.19.237 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=88791b79a1eb2ba94e95d039243e28433583a67b | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 4.9.309 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4d28522acd1c4415c85f6b33463713a268f68965 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.10.109 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=2c74374c2e88c7b7992bf808d9f9391f7452f9d9 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.15.32 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fafb904156fbb8f1dd34970cd5223e00b47c33be | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.16.18 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=64f24c76dd0ce53d0fa3a0bfb9aeea507c769485 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.17.1 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=dd03640529204ef4b8189fbdea08217d8d98271f | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.4.188 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=06f0ff82c70241a766a811ae1acf07d6e2734dcb | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 4.14.274 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=a3cc32863b175168283cb0a5fde08de6a1e27df9 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 4.19.237 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=88791b79a1eb2ba94e95d039243e28433583a67b | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 4.9.309 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4d28522acd1c4415c85f6b33463713a268f68965 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.10.109 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=2c74374c2e88c7b7992bf808d9f9391f7452f9d9 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.15.32 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fafb904156fbb8f1dd34970cd5223e00b47c33be | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.16.18 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=64f24c76dd0ce53d0fa3a0bfb9aeea507c769485 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.17.1 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=dd03640529204ef4b8189fbdea08217d8d98271f | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |
| linux_kernel | 5.4.188 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=06f0ff82c70241a766a811ae1acf07d6e2734dcb | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96518518cc417bb0a8c80b9fb736202e28acdf96 | linuxkernelcves |

</details>

二、漏洞分析结构反馈
 影响性分析说明：
      A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle  return  with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.  
 openEuler评分：
  6.2
 Vector：CVSS：3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
 受影响版本排查(受影响/不受影响)：
  1.openEuler-22.03-LTS:受影响
2.openEuler-20.03-LTS-SP1(4.19.90):受影响
3.openEuler-20.03-LTS-SP2(4.19.90):受影响
4.openEuler-20.03-LTS-SP3(4.19.90):受影响

修复是否涉及abi变化(是/否)：
  1.openEuler-22.03-LTS:否
2.openEuler-20.03-LTS-SP1(4.19.90):否
3.openEuler-20.03-LTS-SP2(4.19.90):否
4.openEuler-20.03-LTS-SP3(4.19.90):否

三、漏洞修复
安全公告链接：https://www.openeuler.org/zh/security/safety-bulletin/detail/?id=openEuler-SA-2022-1621

src-openEuler/kernel

内容风险标识

评论 (14)

src-openEuler/kernel .gitee-modal { width: 500px !important; }

内容风险标识

CVE-2022-1016

评论 (14)

搜索帮助

src-openEuler/kernel