Back to KEVs

CVE-2021-22555

Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE

Basic Information

CVE State: PUBLISHED
Reserved Date: January 05, 2021
Published Date: July 07, 2021
Last Updated: December 30, 2025
Vendor: n/a
Product: Linux Kernel
Description: A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
Tags

CVSS Scores

CVSS v3.1

8.3 - HIGH

Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2026-06-01 13:30:37 UTC) Source
Proof of Concept Available: Yes (added 2021-07-16 01:54:01 UTC) Source

References

https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html https://security.netapp.com/advisory/ntap-20210805-0010/ http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html

Known Exploited Vulnerability Information

Source	Added Date
CVE	2026-06-01 10:41:42 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/netfilter_xtables_heap_oob_write_priv_esc.rb	2025-04-28 15:02:13 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

netfilter_xtables_heap_oob_write_priv_esc

Type: metasploit • Created: Unknown

Metasploit module for CVE-2021-22555

letsr00t/-2021-LOCALROOT-CVE-2021-22555

Type: github • Created: 2024-02-05 07:05:13 UTC • Stars: 0

pashayogi/CVE-2021-22555

Type: github • Created: 2023-08-20 14:26:28 UTC • Stars: 0

Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation'

tukru/CVE-2021-22555

Type: github • Created: 2023-08-05 18:56:18 UTC • Stars: 3

This repo hosts TUKRU's Linux Privilege Escalation exploit (CVE-2021-22555). It demonstrates gaining root privileges via a vulnerability. Tested on Ubuntu 5.8.0-48-generic and COS 5.4.89+. Use responsibly and ethically.

veritas501/CVE-2021-22555-PipeVersion

Type: github • Created: 2022-04-05 06:35:25 UTC • Stars: 36

CVE-2021-22555 exploit rewritten with pipe primitive

xyjl-ly/CVE-2021-22555-Exploit

Type: github • Created: 2021-07-16 01:54:01 UTC • Stars: 10

CVE-2021-22555 Exploit

Timeline

CVE ID Reserved

January 05, 2021
CVE Published to Public

July 07, 2021
Proof of Concept Exploit Available

July 16, 2021
Detected by Metasploit

April 28, 2025
Added to KEVIntel

June 01, 2026