CVE-2021-22600
Linux Kernel Privilege Escalation Vulnerability
CVSS 6.6 · MEDIUM
⚠ CISA KEV — ACTIVELY EXPLOITED
On the CISA KEV catalog
Confirmed exploited in the wild. Added 2022-04-11.
Federal remediation due 2022-05-02.
Required action: Apply updates per vendor instructions.
Summary
A double-free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading the kernel past the affected versions or rebuilding past commit ec6af094ea28f0f2dda1a6a33b14cd57e36a9755.
CVSS 3.1 breakdown
| Base score | 6.6 (MEDIUM) |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H |
| Attack vector | LOCAL |
| Attack complexity | HIGH |
| Privileges required | LOW |
| User interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality | LOW |
| Integrity | LOW |
| Availability | HIGH |
Weakness type (CWE)
Affected products
- Netapp 8300 firmware
- Netapp 8300
- Netapp 8700 firmware
- Netapp 8700
- Netapp a400 firmware
- Netapp a400
- Netapp c400 firmware
- Netapp c400
- Linux linux kernel
- Debian debian linux
- Netapp h410c firmware
- Netapp h410c
- Netapp h300s firmware
- Netapp h300s
- Netapp h500s firmware
- Netapp h500s
- Netapp h700s firmware
- Netapp h700s
- Netapp h410s firmware
- Netapp h410s
References
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
- https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
- https://security.netapp.com/advisory/ntap-20230110-0002/
- https://www.debian.org/security/2022/dsa-5096
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22600
Data: NIST NVD + CISA KEV. NVD last modified 2025-10-24. Always verify against the vendor advisory before acting.