CVE-2021-22555

Source
https://cve.org/CVERecord?id=CVE-2021-22555
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22555.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-22555
Aliases
Downstream
Related
Published
2021-07-07T12:15:08.453Z
Modified
2026-05-18T05:53:30.553172635Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

Database specific
{
    "unresolved_ranges": [
        {
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "introduced": "2.6.19"
                },
                {
                    "fixed": "4.4.267"
                },
                {
                    "introduced": "4.5"
                },
                {
                    "fixed": "4.9.267"
                },
                {
                    "introduced": "4.10"
                },
                {
                    "fixed": "4.14.231"
                },
                {
                    "introduced": "4.15"
                },
                {
                    "fixed": "4.19.188"
                },
                {
                    "introduced": "4.20"
                },
                {
                    "fixed": "5.4.113"
                },
                {
                    "introduced": "5.5"
                },
                {
                    "fixed": "5.10.31"
                }
            ],
            "cpe": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
        }
    ]
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
f40ddce88593482919761f74910f42f4b84c004b
Fixed
9f4ad9e425a1d3b6a34617b8ea226d56a119a717
Database specific
{
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "5.11"
        },
        {
            "fixed": "5.12"
        }
    ],
    "cpe": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
}

Affected versions

v5.*
v5.11
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22555.json"