UBUNTU-CVE-2021-22555

Description

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• ubuntu•linux

  < 3.13.0-187.238 | < 4.4.0-213.245 | < 4.15.0-144.148 | < 5.4.0-74.83

• ubuntu•linux-aws

  < 4.4.0-1095.100 | < 4.4.0-1131.145 | < 4.15.0-1103.110 | < 5.4.0-1049.51

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.4

  < 5.4.0-1049.51~18.04.1

• ubuntu•linux-aws-fips

  < 4.15.0-2045.47 | all | < 5.4.0-1069.73+fips2

• ubuntu•linux-aws-hwe

  < 4.15.0-1103.110~16.04.1

• ubuntu•linux-azure

  < 4.15.0-1115.128~14.04.1 | < 4.15.0-1115.128~16.04.1 | all | < 5.4.0-1048.50

• ubuntu•linux-azure-4.15

  < 4.15.0-1115.128

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.4

  < 5.4.0-1048.50~18.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fips

  < 4.15.0-2027.30 | all | < 5.4.0-1073.76+fips1

• ubuntu•linux-bluefield

  < 5.4.0-1012.15

• ubuntu•linux-dell300x

  < 4.15.0-1022.26

• ubuntu•linux-fips

  < 4.4.0-1065.71 | all | < 4.15.0-1060.68

• ubuntu•linux-gcp

  < 4.15.0-1100.113~16.04.1 | all | < 5.4.0-1044.47

• ubuntu•linux-gcp-4.15

  < 4.15.0-1100.113

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.4

  < 5.4.0-1044.47~18.04.2

• ubuntu•linux-gcp-edge

  all

• ubuntu•linux-gcp-fips

  all | < 5.4.0-1067.71~20.04.1

• ubuntu•linux-gke

  < 5.4.0-1044.46

• ubuntu•linux-gke-4.15

  all

• ubuntu•linux-gke-5.4

  < 5.4.0-1044.46~18.04.1

• ubuntu•linux-gkeop

  < 5.4.0-1016.17

• ubuntu•linux-gkeop-5.4

  < 5.4.0-1016.17~18.04.1

• ubuntu•linux-hwe

  < 4.15.0-144.148~16.04.1 | all

• ubuntu•linux-hwe-5.4

  < 5.4.0-74.83~18.04.1

• ubuntu•linux-hwe-5.8

  < 5.8.0-55.62~20.04.1

• ubuntu•linux-hwe-edge

  all | all

• ubuntu•linux-intel-iot-realtime

  all

• ubuntu•linux-kvm

  < 4.4.0-1096.105 | < 4.15.0-1092.94 | < 5.4.0-1040.41

• ubuntu•linux-lts-xenial

  < 4.4.0-213.245~14.04.1

• ubuntu•linux-nvidia

  all

• ubuntu•linux-oem

  all

• ubuntu•linux-oem-5.10

  < 5.10.0-1025.26

• ubuntu•linux-oem-5.6

  all

• ubuntu•linux-oracle

  < 4.15.0-1072.80~16.04.1 | < 4.15.0-1072.80 | < 5.4.0-1046.50

• ubuntu•linux-oracle-5.0

  all

• ubuntu•linux-oracle-5.3

  all

• ubuntu•linux-oracle-5.4

  < 5.4.0-1046.50~18.04.2

• ubuntu•linux-raspi

  < 5.4.0-1036.39

• ubuntu•linux-raspi-5.4

  < 5.4.0-1036.39~18.04.1

• ubuntu•linux-raspi-realtime

  all

• ubuntu•linux-raspi2

  < 4.15.0-1086.91 | all

• ubuntu•linux-realtime

  all

• ubuntu•linux-riscv

  all

• ubuntu•linux-riscv-5.8

  < 5.8.0-26.28~20.04.1

• ubuntu•linux-snapdragon

  < 4.15.0-1103.112

References (7)

• https://ubuntu.com/security/CVE-2021-22555
• https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21
• https://ubuntu.com/security/notices/USN-5039-1
• https://www.cve.org/CVERecord?id=CVE-2021-22555
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog