exploit the possibilities
Showing 1 - 25 of 31 RSS Feed

CVE-2021-22555

Status Candidate

Overview

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

Related Files

Kernel Live Patch Security Notice LSN-0083-1
Posted Jan 6, 2022
Authored by Benjamin M. Romer

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host’s physical memory. Other vulnerabilities have also been addressed.

tags | advisory, overflow, kernel, vulnerability
systems | linux
advisories | CVE-2018-25020, CVE-2021-22555, CVE-2021-33909, CVE-2021-3653, CVE-2021-4002
SHA-256 | ddd1e7fc677c2b02d3351058bf31466aa231865f93abfb9cdfa1d1ca55622f8d
Red Hat Security Advisory 2021-3812-01
Posted Oct 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3812-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and out of bounds write vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576
SHA-256 | d2eac6f1add09be972a2780c9efa45b78b7848496f88beb863ed2785ea677c2b
Red Hat Security Advisory 2021-3814-01
Posted Oct 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3814-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include bypass and out of bounds write vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-37576
SHA-256 | 3b1a2d1cc68dcb5014deed6689fcfa5c1174b58abbd6f4aaeb3a5cb1167ea7dd
Netfilter x_tables Heap Out-Of-Bounds Write / Privilege Escalation
Posted Oct 7, 2021
Authored by Brendan Coles, Andy Nguyen, Szymon Janusz | Site metasploit.com

A heap out-of-bounds write affecting Linux since version 2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a denial of service (via heap memory corruption) through user name space. Kernels up to and including 5.11 are vulnerable.

tags | exploit, denial of service, kernel
systems | linux
advisories | CVE-2021-22555
SHA-256 | 7caefc49d920cc0b0d58e9ad762b7ffbd02e62e1e3225217c8586f8867ea42e8
Red Hat Security Advisory 2021-3725-01
Posted Oct 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3725-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and out of bounds write vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-32399, CVE-2021-37576
SHA-256 | 7f735d3b9f335568e537bf87b297d4d999b27ae17dfdcdf3cbb9a64d9adf1e4d
Red Hat Security Advisory 2021-3653-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3653-01 - Red Hat Advanced Cluster Management 2.1.11 security fix and container updates are available.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-27777, CVE-2021-22555, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750
SHA-256 | 15f863255ce01b9af4125b6f699165597020889114335a232c7f75076dc7e35c
Red Hat Security Advisory 2021-3598-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3598-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3609, CVE-2021-37576, CVE-2021-38201, CVE-2021-38575
SHA-256 | 3a62781802214e6eb77a0d28fc9fa05ebee3d12366b8219cccc000ace400db7e
Kernel Live Patch Security Notice LSN-0081-1
Posted Sep 14, 2021
Authored by Benjamin M. Romer

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host’s physical memory. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Various other vulnerabilities were also addressed.

tags | advisory, kernel, vulnerability
systems | linux
advisories | CVE-2021-22555, CVE-2021-33909, CVE-2021-3653, CVE-2021-3656
SHA-256 | 051e461652f3d7e1d5f1bd5ab2e8d9f2f9a398877fa90de84818f4955d1a2074
Red Hat Security Advisory 2021-3522-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3522-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-8648, CVE-2021-22555, CVE-2021-32399, CVE-2021-3347
SHA-256 | 278d2ed0c28bf6ba05340a155eedabad14fb059810dc71e27737038d8af09c83
Red Hat Security Advisory 2021-3523-01
Posted Sep 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3523-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-32399, CVE-2021-3347
SHA-256 | bdb0a589be9a82bc80e26fb172ccb2ff8eb347e0cd4360a09c342425bdded3fb
Red Hat Security Advisory 2021-3477-01
Posted Sep 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3477-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include code execution, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-31535, CVE-2021-32399, CVE-2021-3621, CVE-2021-3715
SHA-256 | 7dba6acf5672fd4d58b17b842295a37b3063e17a6e0780b04cab5d26aa25cbaf
Red Hat Security Advisory 2021-3454-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3454-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-20149, CVE-2020-27777, CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3609
SHA-256 | ededc503492f31daf90a74b29a6e64b1e7ee98978cd963f10901af9667484f8e
Red Hat Security Advisory 2021-3262-01
Posted Sep 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3262-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.28.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-3121, CVE-2021-3609
SHA-256 | f37b42defebec364c01fe40a389041ab038a2ebaa9c66663dc7cc5a6686caeaf
Red Hat Security Advisory 2021-3399-01
Posted Sep 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3399-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-32399, CVE-2021-3347
SHA-256 | 4494ee8b7be74847e36f59f258843bd1c2d73737a8e168d20950d6eff4f12b59
Red Hat Security Advisory 2021-3381-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3381-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-32399
SHA-256 | 64ce0e25045c339f14c4a8015442e0483e1eed693fd40f56c2b86d3191f7fd92
Red Hat Security Advisory 2021-3363-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3363-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-32399, CVE-2021-3609
SHA-256 | 1f8f21e611320f4e79e73a3064cf1dab34e3b8f319ead8c25c286bd61668aeb0
Red Hat Security Advisory 2021-3327-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3327-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-27777, CVE-2021-22555, CVE-2021-29154, CVE-2021-29650, CVE-2021-32399
SHA-256 | b20ba2534d111110aaf1bd0add4dc3ab65b04821835470cce71af9635bd44116
Red Hat Security Advisory 2021-3328-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3328-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-29154, CVE-2021-29650, CVE-2021-32399
SHA-256 | 4f52d608a26aeced8b46022c6a00a641c50b6115116bab7260c93d4977dbab6a
Red Hat Security Advisory 2021-3380-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-32399, CVE-2021-3609
SHA-256 | 9161de7815c9e09218556b1e1c9ba84b4482049c547b905f2b2aed15769d346a
Red Hat Security Advisory 2021-3375-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3375-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-32399, CVE-2021-3609
SHA-256 | 3c42c7d7a3330ceecd8088a3c0d1507737c090dc39a9cee63488a3848aae6ae1
Red Hat Security Advisory 2021-3361-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3361-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a memory exhaustion vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-20271, CVE-2021-21419, CVE-2021-21623, CVE-2021-21639, CVE-2021-21640, CVE-2021-21648, CVE-2021-22543, CVE-2021-22555, CVE-2021-22918, CVE-2021-25735, CVE-2021-25737, CVE-2021-27218, CVE-2021-3114, CVE-2021-3121, CVE-2021-33195, CVE-2021-33196, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3520, CVE-2021-3537, CVE-2021-3541, CVE-2021-3609, CVE-2021-3636
SHA-256 | fa8792e889cba4980e5e69cc42c59e3108310c2072dfb34fffb0c3a8644d9099
Red Hat Security Advisory 2021-3321-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3321-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-32399
SHA-256 | 851ca164d09e57cc1cdce90971357142a9a5fc493377a1dacc6c0d53b0d73c12
Red Hat Security Advisory 2021-3235-01
Posted Aug 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3235-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, bypass, code execution, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-3609, CVE-2021-3621
SHA-256 | f286c4f6d85e2f33403a2dacd758e8f35f083b2b3b3b066fb546a1d7034c2479
Kernel Live Patch Security Notice LSN-0080-1
Posted Aug 18, 2021
Authored by Benjamin M. Romer

Andy Nguyen discovered that the netfilter subsystem in the Linux kernel contained an out-of-bounds write in its setsockopt() implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2021-22555
SHA-256 | 4af31b963bddcf331a7037ea35c40e4fbfd445f815d8756856219abad1f16c71
Red Hat Security Advisory 2021-3173-01
Posted Aug 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3173-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and out of bounds write vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-32399
SHA-256 | 6706e39f297e107f1ff1e1751358e3c5457202daa6e0d94e3fed4e3dad19e2f8
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close