CVE-2021-22600
CVSS v3.1
7 (High)
CVSS v2.0
7.2 (High)
EPSS
0.07 % (30th)
Affected Products
12
Advisories
22
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
Weaknesses
- CWE-415
- Double Free
- CVE Status
- PUBLISHED
- CNA
- Google Inc.
- Published Date
-
2022-01-26 14:15:08
(2 years ago) - Updated Date
-
2023-06-26 18:59:36
(14 months ago)
Linux Kernel Privilege Escalation Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description
- Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.
- Required Action
- Apply updates per vendor instructions.
- Known to be Used in Ransomware Campaigns
- Unknown
- Notes
- https://nvd.nist.gov/vuln/detail/CVE-2021-22600
- Vendor
- Linux
- Product
- Kernel
- In CISA Catalog from
-
2022-04-11
(2 years ago) - Due Date
-
2022-05-02
(2 years ago)
Affected Products
Loading...
Loading...
Configuration #1
AND |
|
---|
Configuration #2
AND |
|
---|
Configuration #3
AND |
|
---|
Configuration #4
AND |
|
---|
Configuration #5
AND |
|
---|
Configuration #6
AND |
|
---|
Configuration #7
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...