Linux Kernel Privilege Escalation Vulnerability (CVE-2021-22600)
Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.
A local attacker, with a low-privilege account, can achieve full data confidentiality loss, partial data tampering, complete denial of service or system unavailability. Federal agencies are required to remediate by 2022-05-02 under CISA BOD 22-01.
This is a Software Vulnerability (CWE-415) (CWE-415) vulnerability in Linux Kernel. A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 Exploitation requires local access, higher attack complexity, a low-privilege authenticated account, and user interaction required.
Probably yes if any of these apply:
CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2022-04-11 based on evidence of active exploitation in the wild. Federal agencies required to remediate by 2022-05-02.
Get the fix
Apply the fixed package from your vendor. The advisory lists affected versions and the exact fixed build.
↗ Red Hat advisoryManual remediation steps
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.
References
Related vulnerabilities
KB5000871: Windows Server 2016 / 2019 Security Update (May 2026)
Microsoft Exchange Server
CVE-2021-26855
MEDIUM6.5Microsoft Defender for Identity Improper Authentication — Spoofing (CVE-2025-26685)
Microsoft Defender for Identity
CVE-2025-26685
HIGHIIS Security Updates Require Both Windows Update and Manual Configuration Review
Microsoft IIS