CVE-2021-22555
Published on: 07/07/2021 12:00:00 AM UTC
Last Modified on: 03/31/2022 07:15:00 PM UTC
Certain versions of Fabric Operating System from Brocade contain the following vulnerability:
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space.
- CVE-2021-22555 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.8 - HIGH
Attack Vector | Attack Complexity | Privileges Required | User Interaction |
---|---|---|---|
LOCAL | LOW | LOW | NONE |

Scope | Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|---|
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 4.6 - MEDIUM
Access Vector | Access Complexity | Authentication |
---|---|---|
LOCAL | LOW | NONE |

Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|
PARTIAL | PARTIAL | PARTIAL |
Related QID Numbers
- 159329 Oracle Enterprise Linux Security Update for kernel (ELSA-2021-3057)
- 159332 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9395)
- 159375 Oracle Enterprise Linux Security Update for kernel (ELSA-2021-3327)
- 179640 Debian Security Update for linux (CVE-2021-22555)
- 239541 Red Hat Update for kernel (RHSA-2021:3057)
- 239542 Red Hat Update for kpatch-patch (RHSA-2021:3044)
- 239543 Red Hat Update for kernel-rt (RHSA-2021:3088)
- 239566 Red Hat Update for kpatch-patch (RHSA-2021:3181)
- 239570 Red Hat Update for kernel (RHSA-2021:3173)
- 239592 Red Hat Update for kpatch-patch (RHSA-2021:3381)
- 239593 Red Hat Update for kpatch-patch (RHSA-2021:3380)
- 239594 Red Hat Update for kernel-rt (RHSA-2021:3375)
- 239599 Red Hat Update for kernel (RHSA-2021:3363)
- 239602 Red Hat Update for kernel-rt (RHSA-2021:3328)
- 239603 Red Hat Update for kernel (RHSA-2021:3327)
- 257109 CentOS Security Update for kernel (CESA-2021:3327)
- 352831 Amazon Linux Security Advisory for kernel: ALAC2012-2021-030
- 352832 Amazon Linux Security Advisory for kmod-sfc: ALAC2012-2021-031
- 352833 Amazon Linux Security Advisory for kmod-mlx5: ALAC2012-2021-032
- 376748 F5 BIG-IP Application Security Manager (ASM), Local Traffic Manager (LTM), Access Policy Manager (APM) Linux kernel Vulnerability (K06524534)
- 390220 Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0025)
- 670707 EulerOS Security Update for kernel (EulerOS-SA-2021-2465)
- 670772 EulerOS Security Update for kernel (EulerOS-SA-2021-2530)
- 670796 EulerOS Security Update for kernel (EulerOS-SA-2021-2554)
- 671047 EulerOS Security Update for kernel (EulerOS-SA-2021-2588)
- 671051 EulerOS Security Update for kernel (EulerOS-SA-2021-2663)
- 750844 SUSE Enterprise Linux Security Update for kernel (SUSE-SU-2021:2407-1)
- 750847 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:2409-1)
- 750848 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2416-1)(Sequoia)
- 750851 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:2415-1)(Sequoia)
- 750864 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2421-1)
- 750868 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2427-1)
- 750869 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2422-1)
- 750877 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:2427-1)
- 750880 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2451-1)
- 750887 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1076-1)
- 750899 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (SUSE-SU-2021:2538-1)
- 940353 AlmaLinux Security Update for kernel (ALSA-2021:3057)
- 960074 Rocky Linux Security Update for kernel (RLSA-2021:3057)
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Brocade | Fabric Operating System | - | All | All | All |
Operating System | Linux | Linux Kernel | All | All | All | All |
Hardware | Netapp | Aff 500f | - | All | All | All |
Operating System | Netapp | Aff 500f Firmware | - | All | All | All |
Hardware | Netapp | Aff A250 | - | All | All | All |
Operating System | Netapp | Aff A250 Firmware | - | All | All | All |
Hardware | Netapp | Aff A400 | - | All | All | All |
Operating System | Netapp | Aff A400 Firmware | - | All | All | All |
Hardware | Netapp | Fas 8300 | - | All | All | All |
Operating System | Netapp | Fas 8300 Firmware | - | All | All | All |
Hardware | Netapp | Fas 8700 | - | All | All | All |
Operating System | Netapp | Fas 8700 Firmware | - | All | All | All |
Hardware | Netapp | H610c | - | All | All | All |
Operating System | Netapp | H610c Firmware | - | All | All | All |
Hardware | Netapp | H610s | - | All | All | All |
Operating System | Netapp | H610s Firmware | - | All | All | All |
Hardware | Netapp | H615c | - | All | All | All |
Operating System | Netapp | H615c Firmware | - | All | All | All |
Application | Netapp | Hci Management Node | - | All | All | All |
Application | Netapp | Solidfire | - | All | All | All |
- cpe:2.3:o:brocade:fabric_operating_system:-:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:aff_500f:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:fas_8300:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:fas_8300_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:fas_8700:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:fas_8700_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
Discovery Credit
Andy Nguyen
Social Mentions
Title | Posted (UTC) |
---|---|
CVE-2021-22555 | 2021-07-07 20:43:10 |
CVE-2021-22555: Turning \x00\x00 into 10000$ | 2021-07-14 21:18:36 |
CVE-2021-22555: Turning \x00\x00 into 10000$ - a 15 years old heap out-of-bounds write vulnerability in Linux Netfilter that is powerful enough to bypass all modern security mitigations and achieve kernel code execution. | 2021-07-15 08:16:33 |
CVE-2021-22555: Turning \x00\x00 into 10000$ | 2021-07-15 11:00:02 |
CVE-2021-22555: Turning \x00\x00 into 10000$ | 2021-07-15 11:20:00 |
Hacker News top posts: Jul 15, 2021 | 2021-07-15 13:32:40 |
CVE-2021-22555: Turning \x00\x00 into 10000$ | 2021-07-15 13:04:34 |
CVE-2021-22555: Turning \x00\x00 into 10000$ | 2021-07-16 02:25:48 |
cve-2021-22555 vulnerability mitigation suggestions | 2021-07-21 05:50:57 |