CVE-2021-22600

MEDIUM KEV

Linux Kernel - Privilege Escalation

Title source: llm

Description

A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading the kernel past the affected versions or rebuilding past commit ec6af094ea28f0f2dda1a6a33b14cd57e36a9755.

Exploits (3)

nomisec WRITEUP
by Chinmay1743 · local
https://github.com/Chinmay1743/af_packet.c

nomisec WORKING POC
by sendINUX · local
https://github.com/sendINUX/CVE-2021-22600__DirtyPagetable

Scores

CVSS v3 6.6
EPSS 0.0014
EPSS Percentile 34.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H

Exploitation Intel

CISA KEV 2022-04-11
VulnCheck KEV 2022-03-07
InTheWild.io 2022-03-07
ENISA EUVD EUVD-2021-9736

Classification

CWE
CWE-415
Status published

Affected Products (12)

netapp/8300_firmware
netapp/8700_firmware
netapp/a400_firmware
netapp/c400_firmware
linux/linux_kernel < 4.14.259
debian/debian_linux
debian/debian_linux
netapp/h410c_firmware
netapp/h300s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
netapp/h410s_firmware

Timeline

Published Jan 26, 2022
KEV Added Apr 11, 2022
Tracked Since Feb 18, 2026