Wind River Support Network


LIN1021-3901 : Security Advisory - linux - CVE-2022-34918

Created: Jul 4, 2022    Updated: Jul 26, 2022
Resolved Date: Jul 26, 2022
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel


An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

CREATE(Triage):(User=admin) CVE-2022-34918 (


Live chat