CVE-2021-42008

HIGH

Linux Kernel 2.6.12-4.4.282 - Authenticated Out-of-bounds Write in 6pack Decode Function

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-42008. PoCs published by 0xdevil, numanturle.

AI-analyzed exploit summary This is a working exploit for CVE-2021-42008, targeting a 16-year-old vulnerability in the Linux 6pack driver. The exploit leverages userfaultfd and message queue manipulation to achieve local privilege escalation (LPE) on Debian 11 with kernel 5.10.0-8-amd64.

Description

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.

Exploits (2)

nomisec WORKING POC 31 stars
by 0xdevil · poc
https://github.com/0xdevil/CVE-2021-42008

This is a working exploit for CVE-2021-42008, targeting a 16-year-old vulnerability in the Linux 6pack driver. The exploit leverages userfaultfd and message queue manipulation to achieve local privilege escalation (LPE) on Debian 11 with kernel 5.10.0-8-amd64.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Linux kernel 5.10.0-8-amd64 (6pack driver)
No auth needed
Prerequisites: Linux kernel with 6pack driver enabled · User namespace access · Debian 11 or similar environment
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 2 stars
by numanturle · poc
https://github.com/numanturle/CVE-2021-42008

This is a working exploit for CVE-2021-42008, targeting a 16-year-old vulnerability in the Linux 6pack driver. The exploit leverages userfaultfd and message queue manipulation to achieve local privilege escalation (LPE) on Debian 11 with kernel 5.10.0-8-amd64.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Linux kernel 5.10.0-8-amd64 (6pack driver)
No auth needed
Prerequisites: Linux system with 6pack driver loaded · Kernel version 5.10.0-8-amd64 or similar vulnerable version
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.13
Exploit, Third Party Advisory x_refsource_misc
https://www.youtube.com/watch?v=d5f9xLK8Vhw
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20211104-0002/
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html

Scores

CVSS v3 7.8
EPSS 0.0149
EPSS Percentile 70.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (11)
debian/debian_linux 9.0
linux/linux_kernel 2.6.12 - 4.4.282
netapp/h300e_firmware
netapp/h300s_firmware
netapp/h410c_firmware
netapp/h410s_firmware
netapp/h500e_firmware
netapp/h500s_firmware
netapp/h700e_firmware
netapp/h700s_firmware
... and 1 more
Published Oct 05, 2021
Tracked Since Feb 18, 2026