Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2021-22555

Description

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

POC

Reference

- http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html

- http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html

- http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html

- http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html

- http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html

- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21

- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d

- https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528

Github

- https://github.com/0xor0ne/awesome-list

- https://github.com/1nzag/CVE-2022-0995

- https://github.com/20142995/sectool

- https://github.com/43622283/awesome-cloud-native-security

- https://github.com/ARPSyndicate/cvemon

- https://github.com/AbdoFarid1/R00tKeep3r

- https://github.com/Al1ex/LinuxEelvation

- https://github.com/AndreevSemen/CVE-2022-0995

- https://github.com/AvavaAYA/ctf-writeup-collection

- https://github.com/B0nfee/CVE-2022-0995

- https://github.com/Bonfee/CVE-2022-0995

- https://github.com/Ch4nc3n/PublicExploitation

- https://github.com/ChoKyuWon/exploit_articles

- https://github.com/Coolaid003/Security-Research

- https://github.com/Dikens88/hopp

- https://github.com/DrewSC13/Linpeas

- https://github.com/EGI-Federation/SVG-advisories

- https://github.com/Faizan-Khanx/PYTHA-SHELL

- https://github.com/Ha0-Y/LinuxKernelExploits

- https://github.com/Ha0-Y/kernel-exploit-cve

- https://github.com/HaxorSecInfec/autoroot.sh

- https://github.com/Jalexander798/JA_Tools-Cybersecurity-Resource-2

- https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits

- https://github.com/JoneyJunior/cve-2021-22555

- https://github.com/LouisLiuNova/container-escape-exploits

- https://github.com/Maikefee/linux-exploit-hunter

- https://github.com/Metarget/awesome-cloud-native-security

- https://github.com/Metarget/metarget

- https://github.com/Mr-xn/Penetration_Testing_POC

- https://github.com/NaInSec/CVE-PoC-in-GitHub

- https://github.com/PIG-007/kernelAll

- https://github.com/PsychoH4x0r/Unknown1337-Auto-Root-

- https://github.com/SYRTI/POC_to_review

- https://github.com/Snoopy-Sec/Localroot-ALL-CVE

- https://github.com/TrojanAZhen/Self_Back

- https://github.com/WatPow/marine-ctf

- https://github.com/WhooAmii/POC_to_review

- https://github.com/XiaozaYa/CVE-Recording

- https://github.com/YunDingLab/struct_sanitizer

- https://github.com/a-ramses/security-research

- https://github.com/a-roshbaik/Linux-Privilege-Escalation-Exploits

- https://github.com/adavarski/HomeLab-Proxmox-k8s-DevSecOps-playground

- https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground

- https://github.com/ahmmmeeedsherif/Linux-Privilege-Escalation-Enumeration

- https://github.com/arttnba3/D3CTF2023_d3kcache

- https://github.com/atesemre/awesome-cloud-native-security

- https://github.com/bachkhoasoft/awesome-list-ks

- https://github.com/bcoles/kasld

- https://github.com/bcoles/kernel-exploits

- https://github.com/bsauce/bsauce

- https://github.com/bsauce/kernel-exploit-factory

- https://github.com/bsauce/kernel-security-learning

- https://github.com/bytedance/vArmor

- https://github.com/cgwalters/container-cve-2021-22555

- https://github.com/cpuu/LinuxKernelCVE

- https://github.com/ctrsploit/ctrsploit

- https://github.com/daletoniris/CVE-2021-22555-esc-priv

- https://github.com/gglessner/Rocky

- https://github.com/google/security-research

- https://github.com/hac425xxx/heap-exploitation-in-real-world

- https://github.com/hacking-kubernetes/hacking-kubernetes.info

- https://github.com/hardenedvault/vault_range_poc

- https://github.com/hardenedvault/ved

- https://github.com/huike007/penetration_poc

- https://github.com/huisetiankong478/penetration_poc

- https://github.com/iridium-soda/container-escape-exploits

- https://github.com/j4k0m/really-good-cybersec

- https://github.com/jbeagles8755a0/security-research

- https://github.com/joydo/CVE-Writeups

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/kdn111/linux-kernel-exploitation

- https://github.com/khanhdn111/linux-kernel-exploitation

- https://github.com/khanhdz-06/linux-kernel-exploitation

- https://github.com/khanhdz191/linux-kernel-exploitation

- https://github.com/khanhhdz/linux-kernel-exploitation

- https://github.com/khanhhdz06/linux-kernel-exploitation

- https://github.com/khanhnd123/linux-kernel-exploitation

- https://github.com/khnhdz/linux-kernel-exploitation

- https://github.com/knd06/linux-kernel-exploitation

- https://github.com/ldrx30/LinuxKernelExploits

- https://github.com/letsr00t/-2021-LOCALROOT-CVE-2021-22555

- https://github.com/letsr00t/CVE-2021-22555

- https://github.com/lions2012/Penetration_Testing_POC

- https://github.com/ma7moudShaaban/R00tKeep3r

- https://github.com/makoto56/penetration-suite-toolkit

- https://github.com/manas3c/CVE-POC

- https://github.com/masjohncook/netsec-project

- https://github.com/n0-traces/cve_monitor

- https://github.com/ndk06/linux-kernel-exploitation

- https://github.com/ndk191/linux-kernel-exploitation

- https://github.com/nisadevi11/Localroot-ALL-CVE

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/pashayogi/CVE-2021-22555

- https://github.com/reni2study/Cloud-Native-Security2

- https://github.com/shannonmullins/hopp

- https://github.com/ssr-111/linux-kernel-exploitation

- https://github.com/ssst0n3/ctrsploit_archived

- https://github.com/substing/internal_ctf

- https://github.com/talent-x90c/cve_list

- https://github.com/teamssix/container-escape-check

- https://github.com/trhacknon/Pocingit

- https://github.com/tukru/CVE-2021-22555

- https://github.com/veritas501/CVE-2021-22555-PipeVersion

- https://github.com/veritas501/pipe-primitive

- https://github.com/vlain1337/auto-lpe

- https://github.com/whoforget/CVE-POC

- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-

- https://github.com/wkhnh06/linux-kernel-exploitation

- https://github.com/x90hack/vulnerabilty_lab

- https://github.com/xairy/linux-kernel-exploitation

- https://github.com/xuetusummer/Penetration_Testing_POC

- https://github.com/xyjl-ly/CVE-2021-22555-Exploit

- https://github.com/youwizard/CVE-POC

- https://github.com/zecool/cve

- https://github.com/zzcentury/PublicExploitation