{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T22:22:14.518","vulnerabilities":[{"cve":{"id":"CVE-2022-49622","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-02-26T07:01:37.580","lastModified":"2025-03-24T19:48:44.753","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: avoid skb access on nf_stolen\n\nWhen verdict is NF_STOLEN, the skb might have been freed.\n\nWhen tracing is enabled, this can result in a use-after-free:\n1. access to skb->nf_trace\n2. access to skb->mark\n3. computation of trace id\n4. dump of packet payload\n\nTo avoid 1, keep a cached copy of skb->nf_trace in the\ntrace state struct.\nRefresh this copy whenever verdict is != STOLEN.\n\nAvoid 2 by skipping skb->mark access if verdict is STOLEN.\n\n3 is avoided by precomputing the trace id.\n\nOnly dump the packet when verdict is not \"STOLEN\"."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nf_tables: evitar el acceso a skb en nf_stolen Cuando el veredicto es NF_STOLEN, es posible que se haya liberado el skb. Cuando el rastreo está habilitado, esto puede dar como resultado un use-after-free: 1. acceso a skb->nf_trace 2. acceso a skb->mark 3. cálculo del identificador de rastreo 4. volcado de el payload del paquete Para evitar 1, mantenga una copia en caché de skb->nf_trace en la estructura de estado de rastreo. Actualice esta copia siempre que el veredicto sea != STOLEN. Evite 2 omitiendo el acceso a skb->mark si el veredicto es STOLEN. 3 se evita precalculando el identificador de rastreo. Solo vuelque el paquete cuando el veredicto no sea \"STOLEN\"."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.18.13","matchCriteriaId":"5E7A257D-D28B-46EB-BC21-AD8C60095E96"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*","matchCriteriaId":"A8C30C2D-F82D-4D37-AB48-D76ABFBD5377"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:*","matchCriteriaId":"BF8547FC-C849-4F1B-804B-A93AE2F04A92"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:*","matchCriteriaId":"F3068028-F453-4A1C-B80F-3F5609ACEF60"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:*","matchCriteriaId":"2E9C0DB0-D349-489F-A3D6-B77214E93A8A"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0016d5d46d7440729a3132f61a8da3bf7f84e2ba","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e34b9ed96ce3b06c79bf884009b16961ca478f87","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}