First published: Wed Jul 07 2021
The Linux kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a heap out-of-bounds write flaw in net/netfilter/x_tables.c. By sending a specially crafted request through a user namespace, an authenticated attacker could exploit this vulnerability to gain elevated privileges or cause a denial-of-service condition.
Credit: cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:3.10.0-1160.41.1.rt56.1181.el7 | 0:3.10.0-1160.41.1.rt56.1181.el7 |
redhat/kernel | <0:3.10.0-1160.41.1.el7 | 0:3.10.0-1160.41.1.el7 |
redhat/kernel | <0:3.10.0-327.100.1.el7 | 0:3.10.0-327.100.1.el7 |
redhat/kernel | <0:3.10.0-514.92.1.el7 | 0:3.10.0-514.92.1.el7 |
redhat/kernel | <0:3.10.0-693.94.1.el7 | 0:3.10.0-693.94.1.el7 |
redhat/kernel | <0:3.10.0-957.84.1.el7 | 0:3.10.0-957.84.1.el7 |
redhat/kernel | <0:3.10.0-1062.56.1.el7 | 0:3.10.0-1062.56.1.el7 |
redhat/kernel-rt | <0:4.18.0-305.12.1.rt7.84.el8_4 | 0:4.18.0-305.12.1.rt7.84.el8_4 |
redhat/kernel | <0:4.18.0-305.12.1.el8_4 | 0:4.18.0-305.12.1.el8_4 |
redhat/kernel | <0:4.18.0-147.52.1.el8_1 | 0:4.18.0-147.52.1.el8_1 |
redhat/kernel-rt | <0:4.18.0-193.64.1.rt13.115.el8_2 | 0:4.18.0-193.64.1.rt13.115.el8_2 |
redhat/kernel | <0:4.18.0-193.64.1.el8_2 | 0:4.18.0-193.64.1.el8_2 |
redhat/redhat-virtualization-host | <0:4.3.18-20210903.0.el7_9 | 0:4.3.18-20210903.0.el7_9 |
redhat/redhat-virtualization-host | <0:4.4.7-20210804.0.el8_4 | 0:4.4.7-20210804.0.el8_4 |
Linux Linux kernel | >=2.6.19, <4.4.267 | |
Linux Linux kernel | >=4.5, <4.9.267 | |
Linux Linux kernel | >=4.10, <4.14.231 | |
Linux Linux kernel | >=4.15, <4.19.188 | |
Linux Linux kernel | >=4.20, <5.4.113 | |
Linux Linux kernel | >=5.5, <5.10.31 | |
Linux Linux kernel | >=5.11, <5.12 | |
Brocade Fabric Operating System | | |
Netapp Fas 8300 Firmware | | |
Netapp Fas 8300 | | |
Netapp Fas 8700 Firmware | | |
Netapp Fas 8700 | | |
Netapp Aff A400 Firmware | | |
Netapp Aff A400 | | |
Netapp Aff A250 Firmware | | |
Netapp Aff A250 | | |
Netapp Aff 500f Firmware | | |
Netapp Aff 500f | | |
Netapp H610c Firmware | | |
Netapp H610c | | |
Netapp H610s Firmware | | |
Netapp H610s | | |
Netapp H615c Firmware | | |
Netapp H615c | | |
Netapp Hci Management Node | | |
Netapp Solidfire | | |
IBM DRM | <=2.0.6 | |
CVE-2021-22555 is a heap out-of-bounds write vulnerability in the net/netfilter/x_tables component that has affected the Linux kernel since v2.6.19-rc1.
CVE-2021-22555 allows a local user to gain privileges or cause a denial of service (DoS) through a user namespace.
Linux kernel versions between v2.6.19-rc1 and 5.12 are affected by CVE-2021-22555.
CVE-2021-22555 has a severity rating of 7.8 (High).
To fix CVE-2021-22555, update the Linux kernel to version 5.12 or apply the appropriate patches as recommended by the vendor.