CVE-2021-22555

Description from NVD

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

Information Acquisition Date:2022-05-18T18:48Z
CVSS 2.0: 4.6 MEDIUM CVSS 3.x: 7.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:L/AC:L/Au:N/C:P/I:P/A:P

NVD References

 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d
     source:MISC
     tags:Mailing List    Patch    Vendor Advisory    
 https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528
     source:MISC
     tags:Exploit    Third Party Advisory    
 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21
     source:MISC
     tags:Mailing List    Patch    Vendor Advisory    
 http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html
     source:MISC
     tags:Third Party Advisory    VDB Entry    
 https://security.netapp.com/advisory/ntap-20210805-0010/
     source:CONFIRM
     tags:Third Party Advisory    
 http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    

This vulnerability may involve a PoC.

Description from Forti

RHSA-2021:3327-Security Advisory

Information Acquisition Date:2022/03/24

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...251
https://lists.astaro.com/ASGV9-IPS-rules.html23
http://twinybots.ch21
https://www.willsroot.io/2022/01/cve-2022-0185.html7
https://twitter.com/theflow0/status/14153278629121351716
https://google.github.io/security-research/pocs/linux/cve-2...5
http://tweetedtimes.com/susession?s=tnp4
https://news.ycombinator.com/item?id=278420184
https://bit.ly/3yUVo303
https://ift.tt/3B6SkTe3
https://github.com/google/security-research/tree/master/poc...3
https://nickgregory.me/linux/security/2022/03/12/cve-2022-2...3
https://cloud.google.com/kubernetes-engine/docs/release-notes3
https://ruia-ruia.github.io/2022/08/05/CVE-2022-29582-io-uring3

Information from Twitter

User URL Info Source Date
buaqbot https://ift.tt/fEUFtv4 Source buaqbot          1648343389014835201 2023/04/19
buaqbot https://ift.tt/IZ2Ag4s Source buaqbot          1648343389014835201 2023/04/19

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com251
lists.astaro.com23
twinybots.ch21
www.willsroot.io7
twitter.com6
google.github.io5
tweetedtimes.com4
news.ycombinator.com4
bit.ly3
ift.tt3
github.com3
nickgregory.me3
cloud.google.com3
ruia-ruia.github.io3

Information from Twitter

User URL Info Source
buaqbot ift.tt Show Tweet
buaqbot ift.tt Show Tweet
GitHub Search Results: Up to 10
NameURL
xyjl-ly/CVE-2021-22555-Exploit https://github.com/xyjl-ly/CVE-2021-22555-Exploit
cgwalters/container-cve-2021-22555 https://github.com/cgwalters/container-cve-2021-22555
JoneyJunior/cve-2021-22555 https://github.com/JoneyJunior/cve-2021-22555
daletoniris/CVE-2021-22555-esc-priv https://github.com/daletoniris/CVE-2021-22555-esc-priv
GitHub Search Results: Up to 10
NameURL
xyjl-ly/CVE-2021-22555-Exploit github.com
cgwalters/container-cve-2021-22555 github.com
JoneyJunior/cve-2021-22555 github.com
daletoniris/CVE-2021-22555-esc-priv github.com
2023/04/19 Score : 1
Added Har-sia Database : 2021/07/07
Last Modified : 2023/04/19
Highest Scored Date : 2021/07/15
Highest Score : 69