UBUNTU-CVE-2021-22600

Details

A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755

Affected Packages(207 packages)

linux

Ubuntu 22.04 LTS

Affected versions:

5.13.0-19.19

Fixed in:

5.15.0-17.17

linux

Ubuntu 24.04 LTS

Fixed in:

6.5.0-9.9

linux

Ubuntu 20.04 LTS

Affected versions:

5.3.0-18.195.3.0-24.265.4.0-18.225.4.0-21.255.4.0-24.285.4.0-25.295.4.0-26.305.4.0-28.325.4.0-29.335.4.0-31.35+41 more

Fixed in:

5.4.0-100.113

linux

Ubuntu 25.04

Fixed in:

6.11.0-8.8

linux

Ubuntu 14.04 LTS

Fixed in:

3.11.0-12.19

linux

Ubuntu 16.04 LTS

Affected versions:

4.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.18

Fixed in:

4.4.0-2.16

linux

Ubuntu 18.04 LTS

Affected versions:

4.13.0-16.194.13.0-17.204.13.0-25.294.13.0-32.354.15.0-10.114.15.0-101.1024.15.0-106.1074.15.0-108.1094.15.0-109.1104.15.0-111.112+78 more

Fixed in:

4.15.0-169.177

linux-aws

Ubuntu 22.04 LTS

Affected versions:

5.13.0-1005.6

Fixed in:

5.15.0-1002.4

linux-aws

Ubuntu 20.04 LTS

Affected versions:

5.3.0-1003.35.3.0-1008.95.3.0-1009.105.3.0-1010.115.4.0-1005.55.4.0-1007.75.4.0-1008.85.4.0-1009.95.4.0-1011.115.4.0-1015.15+34 more

Fixed in:

5.4.0-1066.69

linux-aws

Ubuntu 24.04 LTS

Fixed in:

6.5.0-1008.8

References

REPORThttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 REPORThttps://ubuntu.com/security/CVE-2021-22600 ADVISORYhttps://ubuntu.com/security/notices/USN-5266-1 ADVISORYhttps://ubuntu.com/security/notices/USN-5278-1 ADVISORYhttps://ubuntu.com/security/notices/USN-5294-1 ADVISORYhttps://ubuntu.com/security/notices/USN-5294-2 ADVISORYhttps://ubuntu.com/security/notices/USN-5295-1 ADVISORYhttps://ubuntu.com/security/notices/USN-5295-2 ADVISORYhttps://ubuntu.com/security/notices/USN-5298-1 REPORThttps://www.cisa.gov/known-exploited-vulnerabilities-catalog REPORThttps://www.cve.org/CVERecord?id=CVE-2021-22600

UBUNTU-CVE-2021-22600

Details

Affected Packages(207 packages)

References

CVSS Analysis

Upstream

Related

Ecosystems(30)

Timeline