{"id":"CVE-2022-1055","summary":"Use after Free in tc_new_tfilter allowing for privilege escalation in Linux Kernel","details":"A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5","aliases":["A-228390920","PUB-A-228390920"],"modified":"2026-05-08T04:48:33.442704Z","published":"2022-03-29T15:05:13Z","related":["ALSA-2022:6002","ALSA-2022:6003","ALSA-2022:7444","ALSA-2022:7683","SUSE-SU-2022:1163-1","SUSE-SU-2022:1183-1","SUSE-SU-2022:1197-1","SUSE-SU-2022:1257-1","SUSE-SU-2022:1326-1","SUSE-SU-2022:1369-1","SUSE-SU-2022:1407-1","SUSE-SU-2022:1453-1"],"database_specific":{"cna_assigner":"Google","cwe_ids":["CWE-416"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1055.json"},"references":[{"type":"WEB","url":"http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html"},{"type":"WEB","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5"},{"type":"WEB","url":"https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5"},{"type":"WEB","url":"https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1055.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1055"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220506-0007/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git","events":[{"introduced":"0"},{"fixed":"dfd42facf1e4ada021b939b4e19c935dcdd55566"}],"database_specific":{"source":"AFFECTED_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"v5.17-rc3"}]}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1055.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N"}]}