CVE-2021-22555
- Source
- https://cve.org/CVERecord?id=CVE-2021-22555
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22555.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-22555
- Aliases
-
- A-184847809
- PUB-A-184847809
- Downstream
- Related
- Published
- 2021-07-07T12:15:08.453Z
- Modified
- 2026-03-14T22:40:16.890106Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
- References
-
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22555
- https://security.netapp.com/advisory/ntap-20210805-0010/
- http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
- http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html
- https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528
- http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "2.6.19"
},
{
"fixed": "4.4.267"
}
]
},
{
"events": [
{
"introduced": "4.5"
},
{
"fixed": "4.9.267"
}
]
},
{
"events": [
{
"introduced": "4.10"
},
{
"fixed": "4.14.231"
}
]
},
{
"events": [
{
"introduced": "4.15"
},
{
"fixed": "4.19.188"
}
]
},
{
"events": [
{
"introduced": "4.20"
},
{
"fixed": "5.4.113"
}
]
},
{
"events": [
{
"introduced": "5.5"
},
{
"fixed": "5.10.31"
}
]
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22555.json"