CISA KEV 정보
| 취약점명 | Linux Kernel Heap Out-of-Bounds Write Vulnerability |
|---|---|
| 설명 | Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space. |
| 조치사항 | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. |
| 랜섬웨어 캠페인 악용 | Unknown |
| CWE | CWE-787 |
| 등록일 (KEV) | 2025-10-06 |
| 조치 기한 | 2025-10-27 |
| 추가 참고 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21 ; https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d ; https://security.netapp.com/advisory/ntap-20210805-0010/ ; https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528 ; https://nvd.nist.gov/vuln/detail/CVE-2021-22555 |
NVD 상세 정보
CVSS v3.1: 8.3 HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HCVSS v2.0: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P설명: A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CWE: CWE-787 | CWE-787
참조
- http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html [Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html [Exploit, Third Party Advisory, VDB Entry]
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21 [Mailing List, Patch, Vendor Advisory]
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d [Mailing List, Patch, Vendor Advisory]
- https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528 [Exploit, Third Party Advisory]
- https://security.netapp.com/advisory/ntap-20210805-0010/ [Third Party Advisory]
- http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html [Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html [Exploit, Third Party Advisory, VDB Entry]
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21 [Mailing List, Patch, Vendor Advisory]
- ... 외 4건
This product uses the NVD API but is not endorsed or certified by the NVD.