7.2
CVE-2021-22600
- EPSS 0.07%
- Published 26.01.2022 14:15:08
- Last modified 24.02.2025 15:41:32
- Source cve-coordination@google.com
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading the kernel past the affected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.14.175 < 4.14.259
Linux ≫ Linux Kernel Version >= 4.19.114 < 4.19.222
Linux ≫ Linux Kernel Version >= 5.4.29 < 5.4.168
Linux ≫ Linux Kernel Version >= 5.5.14 < 5.10.88
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.11
Debian ≫ Debian Linux Version 9.0
Debian ≫ Debian Linux Version 10.0
Netapp ≫ H410c Firmware Version -
Netapp ≫ H300s Firmware Version -
Netapp ≫ H500s Firmware Version -
Netapp ≫ H700s Firmware Version -
Netapp ≫ H410s Firmware Version -
11.04.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
Vulnerability: Linux Kernel Privilege Escalation Vulnerability
Description: Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.
Required actions: Apply updates per vendor instructions.

Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.07% | 0.228 |

Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 7 | 1 | 5.9 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
nvd@nist.gov | 7.2 | 3.9 | 10 | AV:L/AC:L/Au:N/C:C/I:C/A:C |
cve-coordination@google.com | 6.6 | 0.8 | 5.3 | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H |

CWE-415 Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.