Critical Vulnerability Information CVE ID: CVE-2022-2586 Release Date: 2024-01-08 Update Date: 2024-01-08 CNA: Canonical Ltd. Description An nft object or expression was found to be able to reference an nft set on a different nft table, leading to a use-after-free condition after the table is deleted. CWE CWE-416: Use After Free CVSS Score: 5.3 Severity: MEDIUM Version: 3.1 Vector String: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H Product Status Vendor: The Linux Kernel Organization Product: linux Platform: Linux Affected Versions: From 0 to 6.0~rc1 Acknowledgments Discoverer: Team Orca of Sea Security (@seasecresponse) in collaboration with Trend Micro's Zero Day Initiative References Ubuntu - USN-5564-1 (Third-party-advisory) Ubuntu - USN-5560-2 (Third-party-advisory) Ubuntu - USN-5582-1 (Third-party-advisory) Ubuntu - USN-5567-1 (Third-party-advisory) Ubuntu - USN-5560-1 (Third-party-advisory) Ubuntu - USN-5566-1 (Third-party-advisory) Openwall - oss-security (Issue-tracking)