Zero-Handle Filter Removal Vulnerability in Linux Kernel's cls_route Implementation

Zero-Handle Filter Removal Vulnerability in Linux Kernel's cls_route Implementation

CVE-2022-2588 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.