In the Linux kernel, the following vulnerability has been resolved:
netfilter: nfnetlinkosf: fix possible bogus match in nfosf_find()
nfosffind() incorrectly returns true on mismatch, this leads to copying uninitialized memory area in nft_osf which can be used to leak stale kernel stack data to userspace.
{ "vanir_signatures": [ { "digest": { "line_hashes": [ "171068414908762609922801627278623109023", "241596567113576498739083552612759825017", "298249528419792065414968052016030019647", "205230942049278803058759243964157646656", "171277951713728805806107848703485568377", "44017376990679526971888529384555952332", "239086131535792838484037089799556631909", "338186539479110983481916937625289039811", "243767019407495200732119401621267900215", "292140026716509787806093245991438466902", "322811508493882157692879974017947100933" ], "threshold": 0.9 }, "target": { "file": "net/netfilter/nfnetlink_osf.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5d75fef3e61e797fab5c3fbba88caa74ab92ad47", "deprecated": false, "signature_version": "v1", "id": "CVE-2022-48654-0f9e3e75" }, { "digest": { "line_hashes": [ "171068414908762609922801627278623109023", "241596567113576498739083552612759825017", "298249528419792065414968052016030019647", "205230942049278803058759243964157646656", "171277951713728805806107848703485568377", "44017376990679526971888529384555952332", "239086131535792838484037089799556631909", "338186539479110983481916937625289039811", "243767019407495200732119401621267900215", "292140026716509787806093245991438466902", "322811508493882157692879974017947100933" ], "threshold": 0.9 }, "target": { "file": "net/netfilter/nfnetlink_osf.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@633c81c0449663f57d4138326d036dc6cfad674e", "deprecated": false, "signature_version": "v1", "id": "CVE-2022-48654-5abb75ef" }, { "digest": { "length": 637.0, "function_hash": "21780391760956909167767164457708288266" }, "target": { "function": "nf_osf_find", "file": "net/netfilter/nfnetlink_osf.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5d75fef3e61e797fab5c3fbba88caa74ab92ad47", "deprecated": false, "signature_version": "v1", "id": "CVE-2022-48654-63702843" }, { "digest": { "line_hashes": [ "171068414908762609922801627278623109023", "241596567113576498739083552612759825017", "298249528419792065414968052016030019647", "205230942049278803058759243964157646656", "171277951713728805806107848703485568377", "44017376990679526971888529384555952332", "239086131535792838484037089799556631909", "338186539479110983481916937625289039811", "243767019407495200732119401621267900215", "292140026716509787806093245991438466902", "322811508493882157692879974017947100933" ], "threshold": 0.9 }, "target": { "file": "net/netfilter/nfnetlink_osf.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@816eab147e5c6f6621922b8515ad9010ceb1735e", "deprecated": false, "signature_version": "v1", "id": "CVE-2022-48654-8cf4df56" }, { "digest": { "length": 637.0, "function_hash": "21780391760956909167767164457708288266" }, "target": { "function": "nf_osf_find", "file": "net/netfilter/nfnetlink_osf.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@633c81c0449663f57d4138326d036dc6cfad674e", "deprecated": false, "signature_version": "v1", "id": "CVE-2022-48654-dc073ae2" }, { "digest": { "line_hashes": [ "171068414908762609922801627278623109023", "241596567113576498739083552612759825017", "298249528419792065414968052016030019647", "205230942049278803058759243964157646656", "171277951713728805806107848703485568377", "44017376990679526971888529384555952332", "239086131535792838484037089799556631909", "338186539479110983481916937625289039811", "243767019407495200732119401621267900215", "292140026716509787806093245991438466902", "322811508493882157692879974017947100933" ], "threshold": 0.9 }, "target": { "file": "net/netfilter/nfnetlink_osf.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@559c36c5a8d730c49ef805a72b213d3bba155cc8", "deprecated": false, "signature_version": "v1", "id": "CVE-2022-48654-e814f7b7" }, { "digest": { "length": 637.0, "function_hash": "21780391760956909167767164457708288266" }, "target": { "function": "nf_osf_find", "file": "net/netfilter/nfnetlink_osf.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@816eab147e5c6f6621922b8515ad9010ceb1735e", "deprecated": false, "signature_version": "v1", "id": "CVE-2022-48654-ed4b0bba" }, { "digest": { "length": 637.0, "function_hash": "21780391760956909167767164457708288266" }, "target": { "function": "nf_osf_find", "file": "net/netfilter/nfnetlink_osf.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@559c36c5a8d730c49ef805a72b213d3bba155cc8", "deprecated": false, "signature_version": "v1", "id": "CVE-2022-48654-ef588011" } ] }