admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 10:41:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2021/CVE-2021-22600.md

23 lines
1.1 KiB
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2021-22600](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22600)
![](https://img.shields.io/static/v1?label=Product&message=Kernel&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%205.4.168%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-415%20Double%20Free&color=brighgreen)
### Description
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
### POC
#### Reference
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/r4j0x00/exploits
- https://github.com/terawhiz/exploits
Reference in New Issue Copy Permalink