Hello aspiring ethical hackers. In our previous blogpost, you learnt in detail about Dirtypipe vulnerability. In this article, you will learn about CVE-2022-25636 vulnerability, another vulnerability that affected Linux systems.
New to Ethical Hacking?
Start your journey with The Beginner Ethical Hacker Starter Kit (2026 Edition).
Inside the free guide, you’ll learn:.
- Ethical hacking fundamentals
- Beginner cybersecurity roadmap
- Essential hacking tools
- Common vulnerabilities explained
What is CVE-2022-25636 vulnerability?
CVE-2022-25636 is a vulnerability that affects the Linux Netfilter component. What is netfilter? It is an open source framework provided by the Linux kernel that allows various networking-related operations to be implemented in the form of customized handlers. Its functions include packet filtering, network address translation and port translation. All Linux Firewall utilities i.e IPtables, nftables, ufw etc use Netfilter in their operations.
Exploitation of this vulnerability can give attackers root privileges on the target system, allows them to escape containers and in worst case induce a kernel panic. This vulnerability affects Linux kernel versions 5.4 to 5.6.10. The target OS include Ubuntu, Debian, RedHat etc.
However, there’s no clarity on which kernel versions are actually vulnerable. In my testing, this failed to work on Ubuntu 21.10 kernel version 5.13.0-10 but worked every time on Ubuntu 21.10 with kernel version 5.13.0-30 (without giving any panic). Let’s have a look at how the exploitation worked for me.
Proof of Concept (PoC)
To exploit this privilege escalation vulnerability, the hacker needs to have access on the target system with even low user privileges as shown below. Here, I am using Ubuntu as target system.
Once I have a shell on the target, I download the exploit from GitHub as shown below.
Next, I navigate into the CVE-2022-25636 directory and compile the exploit as shown below.
Want to Learn Ethical Hacking Step-by-Step?
If you’re serious about learning cybersecurity, a structured roadmap makes the journey much easier.
Download The Beginner Ethical Hacker Starter Kit (2026 Edition) and discover:
✔ The ethical hacking learning path
✔ Beginner-friendly security concepts
✔ Essential tools ethical hackers use
✔ The most common vulnerabilities explained
Then I executed the exploit as shown below.
As readers can see, I successfully got a shell with root privileges. Next, learn in detail about the DirtyCow vulnerability.
Start Your Ethical Hacking Journey Today
Learning cybersecurity can feel overwhelming at first. The best way to start is with a clear roadmap and the right resources.
Download The Beginner Ethical Hacker Starter Kit (2026 Edition) and get instant access to:
✔ Ethical hacking fundamentals
✔ A beginner cybersecurity learning roadmap
✔ Essential hacking tools every beginner should know
✔ Common vulnerabilities explained simply
