CVE-2022-1016 pertains to uninitialized stack data in the nft_do_chain routine. CVE-2022-1016 is exploitable starting from commit 96518518cc41 (original merge of nf_tables), v3.13-rc1, and has been fixed in commit 4c905f6740a3 ("netfilter: nf_tables: initialize registers in nft_do_chain()").

Fixed in 5.17.1, 5.16.18, 5.15.32, 5.10.109, 5.4.188, 4.19.237, 4.14.274, 4.9.309

Reproducible: Always
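The fixed-release list above can be turned into a per-branch check of a kernel release string. This is an added example, not part of the original report or of Gentoo's tooling; the function names and status labels are hypothetical, and it compares upstream version numbers only, so a vendor kernel that backported the fix under an older number will be reported as vulnerable.

```python
import platform
import re

# First fixed release per stable branch, as listed in the report above.
FIXED = {(5, 17): 1, (5, 16): 18, (5, 15): 32, (5, 10): 109,
         (5, 4): 188, (4, 19): 237, (4, 14): 274, (4, 9): 309}
INTRODUCED = (3, 13)        # nf_tables was merged in v3.13-rc1
NEWEST_LISTED = max(FIXED)  # (5, 17)


def parse_release(release):
    """Parse a 'uname -r' style string such as '5.15.32-gentoo-r1'."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m[1]), int(m[2]), int(m[3] or 0)


def cve_2022_1016_status(release):
    """Classify a kernel release against the versions given in the report."""
    major, minor, patch = parse_release(release)
    branch = (major, minor)
    if branch < INTRODUCED:
        return "not-affected"              # predates the nf_tables merge
    if branch > NEWEST_LISTED:
        # Assumption: branches newer than 5.17 started from a mainline
        # tree that already contains commit 4c905f6740a3.
        return "fixed"
    if branch in FIXED:
        return "fixed" if patch >= FIXED[branch] else "vulnerable"
    # Affected range, but the report lists no fixed release for this
    # branch (for example an end-of-life series such as 5.13).
    return "vulnerable-no-fix-listed"


if __name__ == "__main__":
    running = platform.release()
    print(running, cve_2022_1016_status(running))
```
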
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a4decb892d1467ec994b1488a3034b0aa9d00a2

commit 7a4decb892d1467ec994b1488a3034b0aa9d00a2
Author:     Mike Pagano <mpagano@gentoo.org>
AuthorDate: 2022-04-04 18:12:15 +0000
Commit:     Mike Pagano <mpagano@gentoo.org>
CommitDate: 2022-04-04 18:12:15 +0000

    sys-kernel/gentoo-sources: stabilize 5.15.32-r1 per kernel proj policy

    Stabilize due to local privilege escalation, CVE-2022-1016.

    Bug: https://bugs.gentoo.org/836385
    Signed-off-by: Mike Pagano <mpagano@gentoo.org>

 sys-kernel/gentoo-sources/gentoo-sources-5.15.32-r1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1a7e8371e296a48c6c40d8e8019c79211f008d01

commit 1a7e8371e296a48c6c40d8e8019c79211f008d01
Author:     Mike Pagano <mpagano@gentoo.org>
AuthorDate: 2022-04-04 18:10:29 +0000
Commit:     Mike Pagano <mpagano@gentoo.org>
CommitDate: 2022-04-04 18:10:29 +0000

    sys-kernel/gentoo-sources: stabilize 5.10.109 per kernel proj policy

    Stabilize due to local privilege escalation, CVE-2022-1016.

    Bug: https://bugs.gentoo.org/836385
    Signed-off-by: Mike Pagano <mpagano@gentoo.org>

 sys-kernel/gentoo-sources/gentoo-sources-5.10.109.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6a2b4d819d03a0436a74777408c93d48e406da3f

commit 6a2b4d819d03a0436a74777408c93d48e406da3f
Author:     Mike Pagano <mpagano@gentoo.org>
AuthorDate: 2022-04-04 18:07:52 +0000
Commit:     Mike Pagano <mpagano@gentoo.org>
CommitDate: 2022-04-04 18:07:52 +0000

    sys-kernel/gentoo-sources: stabilize 4.19.237 per kernel proj policy

    Stabilize due to local privilege escalation, CVE-2022-1016.

    Bug: https://bugs.gentoo.org/836385
    Signed-off-by: Mike Pagano <mpagano@gentoo.org>

 sys-kernel/gentoo-sources/gentoo-sources-4.19.237.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ba367659dafa69b4a197f3d1164856f7893b958

commit 4ba367659dafa69b4a197f3d1164856f7893b958
Author:     Mike Pagano <mpagano@gentoo.org>
AuthorDate: 2022-04-04 18:04:31 +0000
Commit:     Mike Pagano <mpagano@gentoo.org>
CommitDate: 2022-04-04 18:04:31 +0000

    sys-kernel/gentoo-sources: stabilize 4.14.275 per kernel proj policy

    Stabilize due to local privilege escalation. CVE-2022-1016.

    Bug: https://bugs.gentoo.org/836385
    Signed-off-by: Mike Pagano <mpagano@gentoo.org>

 sys-kernel/gentoo-sources/gentoo-sources-4.14.275.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a6d4101246681a1031f1802c8c6cb364fb5aad2a

commit a6d4101246681a1031f1802c8c6cb364fb5aad2a
Author:     Mike Pagano <mpagano@gentoo.org>
AuthorDate: 2022-04-04 18:00:27 +0000
Commit:     Mike Pagano <mpagano@gentoo.org>
CommitDate: 2022-04-04 18:00:27 +0000

    sys-kernel/gentoo-sources: stabilize 4.9.309 per kernel proj policy

    Stabilize due to local privilege escalation

    Bug: https://bugs.gentoo.org/836385
    Signed-off-by: Mike Pagano <mpagano@gentoo.org>

 sys-kernel/gentoo-sources/gentoo-sources-4.9.309.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)