Vulnerability in the Linux Netfilter Kernel Subsystem

A vulnerability has been identified in the Linux kernel (no CVE assigned) that could allow a local user to become root on the system. An exploit has been announced that demonstrates obtaining root privileges in Ubuntu 22.04. A patch has been proposed for inclusion in the kernel to fix the problem.

The vulnerability is caused by access to an already freed memory area (use-after-free) when manipulating set lists using the NFT_MSG_NEWSET command in the nf_tables module. The attack requires access to nftables, which can be obtained in a separate network namespace if you have the CLONE_NEWUSER, CLONE_NEWNS or CLONE_NEWNET rights (for example, if you can run an isolated container).
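A defender-side check for the precondition described above, as an added example that is not part of the original article: it reports whether the sysctls that gate user namespace creation block unprivileged use, and whether nf_tables is currently loaded. The function names and the optional path arguments are assumptions made for this example; `kernel.unprivileged_userns_clone` exists only on Debian/Ubuntu-patched kernels.

```shell
#!/bin/sh
# Added example (not from the article). Function names and the optional
# path arguments are hypothetical; the arguments exist so the checks can be
# pointed at a constructed directory instead of the live /proc.

# userns_exposure [SYSCTL_ROOT] -> prints: blocked | exposed | unknown
userns_exposure() {
    root="${1:-/proc/sys}"
    max_file="$root/user/max_user_namespaces"
    clone_file="$root/kernel/unprivileged_userns_clone"   # Debian/Ubuntu only

    # Neither sysctl is present: this script cannot tell.
    if [ ! -r "$max_file" ] && [ ! -r "$clone_file" ]; then
        echo unknown
        return 0
    fi
    # A limit of 0 means no user namespace can be created at all.
    if [ -r "$max_file" ] && [ "$(cat "$max_file")" = "0" ]; then
        echo blocked
        return 0
    fi
    # 0 here means only privileged processes may create user namespaces.
    if [ -r "$clone_file" ] && [ "$(cat "$clone_file")" = "0" ]; then
        echo blocked
        return 0
    fi
    # Not blocked by these sysctls; LSM or seccomp policy may still apply.
    echo exposed
}

# nf_tables_loaded [MODULES_FILE] -> exit status 0 if nf_tables is listed.
# A non-zero status is not proof of absence: the module may be built in
# or loaded on demand.
nf_tables_loaded() {
    grep -q '^nf_tables ' "${1:-/proc/modules}" 2>/dev/null
}

echo "unprivileged user namespaces: $(userns_exposure)"
if nf_tables_loaded; then
    echo "nf_tables: loaded"
else
    echo "nf_tables: not listed in /proc/modules"
fi
```

Where unprivileged user namespaces are not needed, setting either sysctl to 0 removes the unprivileged route to nftables that the article describes, at the cost of breaking rootless containers and other software that relies on them.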

Source: opennet.ru
