Total vulnerabilities in the database
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
| Software | From | Fixed in |
|---|---|---|
| fedoraproject / fedora | 35 | 35.x |
| fedoraproject / fedora | 36 | 36.x |
| debian / debian_linux | 9.0 | 9.0.x |
| debian / debian_linux | 10.0 | 10.0.x |
| linux / linux_kernel | 4.20 | 5.4.198 |
| linux / linux_kernel | 4.1 | 4.9.318 |
| linux / linux_kernel | 4.10 | 4.14.283 |
| linux / linux_kernel | 4.15 | 4.19.247 |
| linux / linux_kernel | 5.5 | 5.10.120 |
| linux / linux_kernel | 5.11 | 5.15.45 |
| linux / linux_kernel | 5.16 | 5.17.13 |
| linux / linux_kernel | 5.18 | 5.18.2 |