8.3

CVE-2021-22555

Warnung
Exploit

Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NetappC400 Firmware Version-
   NetappC400 Version-
NetappC250 Firmware Version-
   NetappC250 Version-
NetappH410c Firmware Version-
   NetappH410c Version-
NetappH300s Firmware Version-
   NetappH300s Version-
NetappH500s Firmware Version-
   NetappH500s Version-
NetappH700s Firmware Version-
   NetappH700s Version-
NetappH410s Firmware Version-
   NetappH410s Version-
LinuxLinux Kernel Version >= 2.6.19 < 4.4.267
LinuxLinux Kernel Version >= 4.5 < 4.9.267
LinuxLinux Kernel Version >= 4.10 < 4.14.231
LinuxLinux Kernel Version >= 4.15 < 4.19.188
LinuxLinux Kernel Version >= 4.20 < 5.4.113
LinuxLinux Kernel Version >= 5.5 < 5.10.31
LinuxLinux Kernel Version >= 5.11 < 5.12
NetappFas 8300 Firmware Version-
   NetappFas 8300 Version-
NetappFas 8700 Firmware Version-
   NetappFas 8700 Version-
NetappAff A400 Firmware Version-
   NetappAff A400 Version-
NetappAff A250 Firmware Version-
   NetappAff A250 Version-
NetappAff 500f Firmware Version-
   NetappAff 500f Version-
NetappH610c Firmware Version-
   NetappH610c Version-
NetappH610s Firmware Version-
   NetappH610s Version-
NetappH615c Firmware Version-
   NetappH615c Version-
NetappCloud Backup Version-
NetappSolidfire Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login

06.10.2025: CISA Known Exploited Vulnerabilities (KEV) Catalog

Linux Kernel Heap Out-of-Bounds Write Vulnerability

Schwachstelle

Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space.

Beschreibung

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 78.68% 0.995
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
cve-coordination@google.com 8.3 1.6 6
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html
Third Party Advisory
Exploit
VDB Entry
http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
Third Party Advisory
Exploit
VDB Entry
http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html
Third Party Advisory
Exploit
VDB Entry
http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
Third Party Advisory
Exploit
VDB Entry
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21
Patch
Vendor Advisory
Mailing List
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d
Patch
Vendor Advisory
Mailing List
https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528
Third Party Advisory
Exploit
https://security.netapp.com/advisory/ntap-20210805-0010/
Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22555
US Government Resource