Lucene search

K
redhatcveRedhat.comRH:CVE-2021-22600
HistoryJan 28, 2022 - 8:58 p.m.

CVE-2021-22600

2022-01-2820:58:25
redhat.com
access.redhat.com
213
cve-2021-22600
linux kernel
packet protocol
double-free flaw
packet_set_ring() function
af_packet socket
local user
privileges escalation
vulnerability
cap_net_raw capability

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.9%

A double-free flaw was found in the Linux kernel’s packet protocol subsystem in the way a user call triggers the packet_set_ring() function of the net/packet/af_packet.c. This flaw allows a local user to crash or escalate their privileges on the system.

Mitigation

Only users with access to the AF_PACKET socket can trigger this vulnerability. The mitigation would be to disable CAP_NET_RAW capability for the users that prevents access to AF_PACKET.

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.9%