CVE-2021-22600

HighKnown Exploited

A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate…

Google·CWE-415·Published 2022-01-26

CVSS

7.0

EPSS

0.06

KEV

Yes

Exploits

cve.orgen

279 chars

A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755

NVDen

279 chars

NVDes

351 chars

Un bug de doble liberación en la función packet_set_ring() en el archivo net/packet/af_packet.c puede ser explotado por un usuario local mediante syscalls diseñados para escalar privilegios o denegar el servicio. Es recomendado actualizar el kernel más allá de las versiones afectadas o reconstruir más allá de ec6af094ea28f0f2dda1a6a33b14cd57e36a9755

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.2	3.9	10.0	AV:L/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	7.0	1.0	5.9	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	6.6	—	—	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H
3.1	Primary	cve.org	6.6	—	—	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H
3.1	Secondary	NVD	6.6	0.8	5.3	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H