CVE-2022-2588 MEDIUM

CVE-2022-2588

Vendor The Linux Kernel Organization
Product linux
Weakness CWE-416
Published January 8, 2024
Last update May 22, 2025

CVSS base score

5.3/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

What the vulnerability does

01Description

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

Key dates

02Disclosure timeline

January 8, 2024 CVE published
May 22, 2025 Record updated