net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 5.4 (including) | 5.4.182 (excluding) |
Linux_kernel | Linux | 5.5 (including) | 5.10.103 (excluding) |
Linux_kernel | Linux | 5.11 (including) | 5.15.26 (excluding) |
Linux_kernel | Linux | 5.16 (including) | 5.16.12 (excluding) |