CVE-2021-22555

CVE Database · CVE-2021-22555

CVE-2021-22555

· HIGHAnalyzed

CVSS v3.1

8.3

EPSS

78.68%

Published

Jul 7, 2021

Modified

Oct 27, 2025

CISA Known Exploited Vulnerability

Added: 2025-10-06 · Due: 2025-10-27

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Public PoC / Exploit (10)

All weaponized →

Exploit-DBLinux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation TrickestTrickest PoC index GitHub PoCveritas501/CVE-2021-22555-PipeVersion★40 GitHub PoCxyjl-ly/CVE-2021-22555-Exploit★14 GitHub PoCcgwalters/container-cve-2021-22555★4 GitHub PoCtukru/CVE-2021-22555★3 GitHub PoCJoneyJunior/cve-2021-22555★1 GitHub PoCdaletoniris/CVE-2021-22555-esc-priv★1 GitHub PoCmasjohncook/netsec-project★1 GitHub PoCSpydomain/CVE-2021-22555-Poc★1

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

CVSS Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787CWE-787

Affected Products (42)

netapp · c400_firmwarevulnerable

netapp · c400

netapp · c250_firmwarevulnerable

netapp · c250

netapp · h410c_firmwarevulnerable

netapp · h410c

netapp · h300s_firmwarevulnerable