{"id":"CVE-2021-22555","details":"A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space","aliases":["A-184847809","PUB-A-184847809"],"modified":"2026-03-20T11:38:50.456495Z","published":"2021-07-07T12:15:08.453Z","related":["ALSA-2021:3057","GHSA-xxx5-8mvq-3528","SUSE-SU-2021:2406-1","SUSE-SU-2021:2407-1","SUSE-SU-2021:2408-1","SUSE-SU-2021:2409-1","SUSE-SU-2021:2415-1","SUSE-SU-2021:2416-1","SUSE-SU-2021:2421-1","SUSE-SU-2021:2422-1","SUSE-SU-2021:2427-1","SUSE-SU-2021:2438-1","SUSE-SU-2021:2451-1","SUSE-SU-2021:2487-1","SUSE-SU-2021:2538-1","SUSE-SU-2021:2542-1","SUSE-SU-2021:2559-1","SUSE-SU-2021:2560-1","SUSE-SU-2021:2577-1","SUSE-SU-2021:2584-1","SUSE-SU-2021:2599-1","SUSE-SU-2021:2599-2","SUSE-SU-2021:2643-1","openSUSE-SU-2021:1076-1","openSUSE-SU-2021:2409-1","openSUSE-SU-2021:2415-1","openSUSE-SU-2021:2427-1"],"references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22555"},{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210805-0010/"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html"},{"type":"EVIDENCE","url":"https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git","events":[{"introduced":"f40ddce88593482919761f74910f42f4b84c004b"},{"fixed":"9f4ad9e425a1d3b6a34617b8ea226d56a119a717"}],"database_specific":{"versions":[{"introduced":"5.11"},{"fixed":"5.12"}]}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22555.json","unresolved_ranges":[{"events":[{"introduced":"2.6.19"},{"fixed":"4.4.267"}]},{"events":[{"introduced":"4.5"},{"fixed":"4.9.267"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.231"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.188"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.113"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.31"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}