Vulnerability detail
Enriched intelligence for a single CVE
Medium
CVE-2021-22600
PUBLISHEDDouble Free in net/packet/af_packet.c leading to priviledge escalation
- Vendor
- Linux Kernel
- Product
- Kernel
- Published
- Jan 26, 2022
- EPSS
- —
Description
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
CVSS scores
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H
Exploitation status
Exploited in the wild
Recorded 2022-04-11 00:00:00 UTC · Source
SSVC decision points
- Exploitation
- active
- Automatable
- No
- Technical impact
- partial
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Apr 11, 2022 |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel