CVE-2021-22555— Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE

CVSS 8.3 · High KEV EPSS 86.30% · P99 Updated Jan 03, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-22555

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE

Source: NVD (National Vulnerability Database)

Vulnerability Description

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

跨界内存写

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在缓冲区错误漏洞，该漏洞源于net/netfilter/x_tables.c 中的堆越界写入。该漏洞允许攻击者通过用户名空间获得权限或引起 DoS。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Linux Kernel	2.6.19-rc1 ~ unspecified	-

II. Public POCs for CVE-2021-22555

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/JoneyJunior/cve-2021-22555	POC Details
2	CVE-2021-22555 Exploit	https://github.com/xyjl-ly/CVE-2021-22555-Exploit	POC Details
3	None	https://github.com/cgwalters/container-cve-2021-22555	POC Details
4	None	https://github.com/daletoniris/CVE-2021-22555-esc-priv	POC Details
5	CVE-2021-22555 exploit rewritten with pipe primitive	https://github.com/veritas501/CVE-2021-22555-PipeVersion	POC Details
6	Script of Network Security Project - Attack on CVE-2021-22555	https://github.com/masjohncook/netsec-project	POC Details
7	This repo hosts TUKRU's Linux Privilege Escalation exploit (CVE-2021-22555). It demonstrates gaining root privileges via a vulnerability. Tested on Ubuntu 5.8.0-48-generic and COS 5.4.89+. Use responsibly and ethically.	https://github.com/tukru/CVE-2021-22555	POC Details
8	Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation'	https://github.com/pashayogi/CVE-2021-22555	POC Details
9	None	https://github.com/kakaroot1337/-2021-LOCALROOT-CVE-2021-22555	POC Details
10	None	https://github.com/letsr00t/-2021-LOCALROOT-CVE-2021-22555	POC Details
11	None	https://github.com/letsr00t/CVE-2021-22555	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-22555

请登录查看更多情报信息。

Same Patch Batch · n/a · 2021-07-07 · 42 CVEs total

CVE-2021-33220		CommScope Ruckus IoT Controller 信任管理问题漏洞
CVE-2020-25925		IceWarp WebClient 跨站脚本漏洞
CVE-2021-26273		NinjaRMM 访问控制错误漏洞
CVE-2021-26274		NinjaRMM 安全漏洞
CVE-2021-28931		Fork CMS 代码问题漏洞
CVE-2021-31925		Pexip Infinity 输入验证错误漏洞
CVE-2021-33215		CommScope Ruckus IoT Controller 路径遍历漏洞
CVE-2021-33216		CommScope Ruckus IoT Controller 安全漏洞
CVE-2021-33217		CommScope Ruckus IoT Controller 缓冲区错误漏洞
CVE-2021-33218		CommScope Ruckus IoT Controller 信任管理问题漏洞
CVE-2021-33219		CommScope Ruckus IoT Controller 信任管理问题漏洞
CVE-2020-25868		Pexip Infinity 输入验证错误漏洞
CVE-2021-33221		CommScope Ruckus IoT Controller 访问控制错误漏洞
CVE-2021-21787		IOBit Advanced SystemCare 安全漏洞
CVE-2021-21788		IOBit Advanced SystemCare 安全漏洞
CVE-2021-21789		IOBit Advanced SystemCare 安全漏洞
CVE-2021-21786		Iobit IOBit Advanced SystemCare 访问控制错误漏洞
CVE-2020-23700		LavaLite 跨站脚本漏洞
CVE-2020-23702		PHP-Fusion 跨站脚本漏洞
CVE-2021-21775		WebKit WebKitGTK 资源管理错误漏洞

Showing top 20 of 42 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux Kernel

Same vendor: n/a

Same weakness: CWE-787

V. Comments for CVE-2021-22555

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-22555— Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE

I. Basic Information for CVE-2021-22555

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2021-22555

III. Intelligence Information for CVE-2021-22555

Same Patch Batch · n/a · 2021-07-07 · 42 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-22555

Leave a comment