CVE DATABASE / CVE-2022-2586
CVE-2022-2586
Linux Kernel Use-After-Free Vulnerability
CVSS 5.3 · MEDIUM
⚠ CISA KEV — ACTIVELY EXPLOITED
On the CISA KEV catalog
Confirmed exploited in the wild. Added 2024-06-26.
Federal remediation due 2024-07-17.
Required action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Summary
It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.
CVSS 3.1 breakdown
| Base score | 5.3 (MEDIUM) |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H |
| Attack vector | LOCAL |
| Attack complexity | HIGH |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity | LOW |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Linux linux kernelCanonical ubuntu linux
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586
- https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t
- https://ubuntu.com/security/notices/USN-5557-1
- https://ubuntu.com/security/notices/USN-5560-1
- https://ubuntu.com/security/notices/USN-5560-2
- https://ubuntu.com/security/notices/USN-5562-1
- https://ubuntu.com/security/notices/USN-5564-1
- https://ubuntu.com/security/notices/USN-5565-1
- https://ubuntu.com/security/notices/USN-5566-1
- https://ubuntu.com/security/notices/USN-5567-1
- https://ubuntu.com/security/notices/USN-5582-1
- https://www.openwall.com/lists/oss-security/2022/08/09/5
- https://www.zerodayinitiative.com/advisories/ZDI-22-1118/
- https://www.vicarius.io/vsociety/posts/use-after-free-vulnerability-linked-chain-between-nft-tables-cve-2022-2586
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-2586
Data: NIST NVD + CISA KEV. NVD last modified 2025-10-28. Always verify against the vendor advisory before acting.