CVE-2021-22600
published 2022-01-26CVE-2021-22600: A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny…
PriorityP182high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-05-02
Exploited in the wild
EPSS
5.92%
92.3th percentile
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 5.15.15-1 (bookworm) | linux 5.15.15-1 (bookworm) |
| android | — | — | |
| linux | linux_kernel | >= 0 < 5.10.92-1 | 5.10.92-1 |
| linux | linux_kernel | >= 0 < 5.15.15-1 | 5.15.15-1 |
| linux | linux_kernel | >= 0 < 5.15.15-1 | 5.15.15-1 |
| linux | linux_kernel | >= 0 < 5.15.15-1 | 5.15.15-1 |
| linux | linux_kernel | >= 0 < 4.15.0-169.177 | 4.15.0-169.177 |
| linux | linux_kernel | >= 0 < 5.4.0-100.113 | 5.4.0-100.113 |
| linux | linux_kernel | >= 4.14.175 < 4.14.259 | 4.14.259 |
| linux | linux_kernel | >= 4.19.114 < 4.19.222 | 4.19.222 |
| linux | linux_kernel | >= 5.11 < 5.15.11 | 5.15.11 |
| linux | linux_kernel | >= 5.4.29 < 5.4.168 | 5.4.168 |
| linux | linux_kernel | >= 5.5.14 < 5.10.88 | 5.10.88 |
| linux_kernel | kernel | >= unspecified < 5.4.168 | 5.4.168 |
| linux_kernel | kernel | >= unspecified < 5.10.88 | 5.10.88 |
| linux_kernel | kernel | >= unspecified < 5.15.11 | 5.15.11 |
| linux_kernel | kernel | >= unspecified < 5.16-rc6 | 5.16-rc6 |
| msrc | cbl2_kernel_5.15.18.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability is triggered via crafted syscalls targeting packet_set_ring() in the AF_PACKET socket implementation; monitor for unusual AF_PACKET socket creation (socket(AF_PACKET, ...)) by unprivileged local users. ↗
- →This CVE is listed in CISA KEV as actively exploited; prioritize detection of local privilege escalation attempts via the packet socket (AF_PACKET) subsystem. ↗
- →Exploitation results in a double-free condition; kernel crash (system crash) or unexpected privilege escalation of a local process to root are key behavioral indicators. ↗
- ·Fix is tied to a specific upstream kernel commit; systems must be rebuilt or upgraded past commit ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 to be remediated. ↗
- ·Debian fixed versions: bookworm/forky/sid/trixie resolved in 5.15.15-1; bullseye resolved in 5.10.92-1. Kernels older than these remain vulnerable. ↗
CVSS provenance
nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.0HIGH
vulncheck6.6MEDIUM
cisa7.0HIGH
vendor_msrc7.0HIGH
vendor_debian6.6MEDIUM
vendor_redhat6.6MEDIUM
vendor_ubuntu6.6MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CVE-2021-22600: In packet_set_ring of af_packet
osv·2022-05-01
CVE-2021-22600 CVE-2021-22600: In packet_set_ring of af_packet
In packet_set_ring of af_packet.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
osv·2022-02-22·CVSS 7.0
CVE-2021-22600 [HIGH] linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Jürgen Groß discovered that the Xen subsystem within the Linux kernel did
not adequately limit the number of events driver domains (unprivileged PV
backends) could send to other guest VMs. An attacker in a driver domain
could use this to cause a denial of service in other guest VMs.
(CVE-2021-28711, CVE-2021-28712, CVE-2021-28713)
Jürgen Groß discovered that the
OSV
linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4 linux-oracle,
osv·2022-02-22·CVSS 7.0
[HIGH] linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4 linux-oracle,
linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4 linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux
kernel did not properly restrict the size of control requests for certain
gadget types, leading to possible out of bounds reads or writes. A local
attacker could use this to cause a denial of service (system cra
OSV
linux, linux-aws, linux-aws-5.13, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities
osv·2022-02-22·CVSS 7.0
CVE-2021-22600 [HIGH] linux, linux-aws, linux-aws-5.13, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities
linux, linux-aws, linux-aws-5.13, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that could result in a read-after-free.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-4083)
Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
OSV
linux vulnerabilities
osv·2022-02-18·CVSS 7.0
CVE-2021-22600 [HIGH] linux vulnerabilities
linux vulnerabilities
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux
kernel did not properly restrict the size of control requests for certain
gadget types, leading to possible out of bounds reads or writes. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-39685)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that could result in a read-after-free.
A local attacker could use this to cause a d
OSV
linux-hwe-5.13 vulnerabilities
osv·2022-02-18·CVSS 7.0
CVE-2021-22600 [HIGH] linux-hwe-5.13 vulnerabilities
linux-hwe-5.13 vulnerabilities
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that could result in a read-after-free.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-4083)
Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
some situations. A local attacker could use this to expose sensitive
information. (CVE-2021-4155)
OSV
linux-oem-5.14 vulnerabilities
osv·2022-02-09·CVSS 4.7
CVE-2022-24122 [MEDIUM] linux-oem-5.14 vulnerabilities
linux-oem-5.14 vulnerabilities
It was discovered that the rlimit tracking for user namespaces in the Linux
kernel did not properly perform reference counting, leading to a use-after-
free vulnerability. A local attacker could use this to cause a denial of
service or possibly execute arbitrary code. (CVE-2022-24122)
It was discovered that the BPF verifier in the Linux kernel did not
properly restrict pointer types in certain situations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-23222)
Jeremy Cline discovered a use-after-free in the nouveau graphics driver of
the Linux kernel during device removal. A privileged or physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-20
OSV
linux-gke, linux-gke-5.4 vulnerabilities
osv·2022-02-03·CVSS 7.0
CVE-2021-22600 [HIGH] linux-gke, linux-gke-5.4 vulnerabilities
linux-gke, linux-gke-5.4 vulnerabilities
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel
did not properly perform bounds checking in some situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-42739)
GHSA
GHSA-6rrc-7vqp-364c: A double free bug in packet_set_ring() in net/packet/af_packet
ghsa_unreviewed·2022-01-27
CVE-2021-22600 [HIGH] CWE-415 GHSA-6rrc-7vqp-364c: A double free bug in packet_set_ring() in net/packet/af_packet
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
OSV
CVE-2021-22600: A double free bug in packet_set_ring() in net/packet/af_packet
osv·2022-01-26·CVSS 7.0
CVE-2021-22600 [HIGH] CVE-2021-22600: A double free bug in packet_set_ring() in net/packet/af_packet
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
VulnCheck
Linux Kernel Privilege Escalation Vulnerability
vulncheck·2021·CVSS 6.6
CVE-2021-22600 [MEDIUM] CWE-415 Linux Kernel Privilege Escalation Vulnerability
Linux Kernel Privilege Escalation Vulnerability
Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.
Affected: Linux Kernel
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://raw.githubusercontent.com/blackorbird/APT_REPORT/master/summary/2023/360_APT_Annual_Research_Report_2022.pdf; https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors
Android
CVE-2021-22600: Kernel
vendor_android·2022-05-01·CVSS 6.6
CVE-2021-22600 [MEDIUM] CVE-2021-22600: Kernel
Android Security Bulletin 2022-05-01
CVE: CVE-2021-22600
Severity: MEDIUM
Type: EoP
Component: Kernel
References: A-213464034
Upstream kernel
CISA
Linux Kernel Privilege Escalation Vulnerability
cisa·2022-04-11·CVSS 7.0
CVE-2021-22600 [HIGH] CWE-415 Linux Kernel Privilege Escalation Vulnerability
Vulnerability: Linux Kernel Privilege Escalation Vulnerability
Affected: Linux Kernel
Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-22600
Remediation Due Date: 2022-05-02
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-02-22·CVSS 6.6
CVE-2021-43975 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux
kernel did not properly restrict the size of control requests for certain
gadget types, leading to possible out of bounds reads or writes. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-39685)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-02-22·CVSS 6.6
CVE-2021-22600 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that could result in a read-after-free.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-4083)
Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
some situations. A local att
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-02-22·CVSS 6.6
CVE-2021-39685 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Jürgen Groß discovered that the Xen subsystem within the Linux kernel did
not adequately limit the number of events driver domains (unprivileged PV
backends) could send to other guest VMs. An attacker in a driver domain
could use this to cause a denial of service in other guest VMs.
(CVE-2021-28711, CVE-2021-28712, CVE-2021-28713)
Jürgen Groß discovered that the Xen network backend driver in the Linux
kernel did not adequately limit the
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2022-02-18·CVSS 6.6
CVE-2021-4083 [MEDIUM] Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that could result in a read-after-free.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-4083)
Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
some situations. A loc
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-02-18·CVSS 6.6
CVE-2021-4202 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux
kernel did not properly restrict the size of control requests for certain
gadget types, leading to possible out of bounds reads or writes. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-39685)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2022-02-09·CVSS 4.7
CVE-2022-23222 [MEDIUM] Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the rlimit tracking for user namespaces in the Linux
kernel did not properly perform reference counting, leading to a use-after-
free vulnerability. A local attacker could use this to cause a denial of
service or possibly execute arbitrary code. (CVE-2022-24122)
It was discovered that the BPF verifier in the Linux kernel did not
properly restrict pointer types in certain situations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-23222)
Jeremy Cline discovered a use-after-free in the nouveau graphics driver of
the Linux kernel during device removal. A privileged or physically
proximate
Ubuntu
Linux kernel (GKE) vulnerabilities
vendor_ubuntu·2022-02-03·CVSS 6.6
CVE-2021-22600 [MEDIUM] Linux kernel (GKE) vulnerabilities
Title: Linux kernel (GKE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel
did not properly perform bounds checking in some situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-42739)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel u
Microsoft
Double Free in net/packet/af_packet.c leading to priviledge escalation
vendor_msrc·2022-01-11·CVSS 7.0
CVE-2021-22600 [MEDIUM] CWE-415 Double Free in net/packet/af_packet.c leading to priviledge escalation
Double Free in net/packet/af_packet.c leading to priviledge escalation
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Google: Google
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Referen
Red Hat
kernel: double free in packet_set_ring() in net/packet/af_packet.c
vendor_redhat·2021-12-15·CVSS 6.6
CVE-2021-22600 [MEDIUM] CWE-416 kernel: double free in packet_set_ring() in net/packet/af_packet.c
kernel: double free in packet_set_ring() in net/packet/af_packet.c
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
A double-free flaw was found in the Linux kernel’s packet protocol subsystem in the way a user call triggers the packet_set_ring() function of the net/packet/af_packet.c. This flaw allows a local user to crash or escalate their privileges on the system.
Statement: The Red Hat Enterprise Linux versions before 9 are not affected, because the commit that introduced the bug is not in currently supported versions of Red Hat Enterprise Linux. The commi
Debian
CVE-2021-22600: linux - A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploite...
vendor_debian·2021·CVSS 6.6
CVE-2021-22600 [MEDIUM] CVE-2021-22600: linux - A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploite...
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
Scope: local
bookworm: resolved (fixed in 5.15.15-1)
bullseye: resolved (fixed in 5.10.92-1)
forky: resolved (fixed in 5.15.15-1)
sid: resolved (fixed in 5.15.15-1)
trixie: resolved (fixed in 5.15.15-1)
No detection rules found.
No public exploits indexed.
Checkpoint
9th May – Threat Intelligence Report
blogs_checkpoint·2022-05-09
CVE-2021-22600 9th May – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 9th May – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 9th May, please download our Threat Intelligence Bulletin .
Top Attacks and Breaches
The Ukrainian IT army has disrupted Russia’s alcohol distribution by performing DDoS attacks to limit access to a portal called State Automated Alcohol Accounting Information System (EGAIS) used by the Russian government.
Pro-Ukrainian actors have used compromised Docker Engine honeypots to execute two Docker images downloaded ove
arXiv
Beyond Control: Exploring Novel File System Objects for Data-Only Attacks on Linux Systems
arxiv_fulltext·2024-09-07
Beyond Control: Exploring Novel File System Objects for Data-Only Attacks on Linux Systems
Beyond Control: Exploring Novel File System Objects for Data-Only Attacks on Linux Systems
Jinmeng Zhou, Jiayi Hu, Ziyue Pan, Jiaxun Zhu, Wenbo Shen, Guoren Li, Zhiyun Qian
Jinmeng Zhou, Jiayi Hu, Ziyue Pan, Jiaxun Zhu and Wenbo Shen are with the College of Computer Science and Technology at Zhejiang University, Hangzhou, Zhejiang, 310027, China.
Email: \jinmengzhou, hujiayi, ziyuepan, sevenswords, shenwenbo\@zju.edu.cn;
Guoren Li and Zhiyun Qian are with the Department of Computer Science and Engineering, University of California, Riverside 92521, USA.
Email: [email protected] and [email protected];
Wenbo Shen is the corresponding author.
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. XX, 20XX
Shell et al.: A Sample Article Using IEEEtran.cls for IEEE Journals
## Abstra
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755https://lists.debian.org/debian-lts-announce/2022/03/msg00012.htmlhttps://security.netapp.com/advisory/ntap-20230110-0002/https://www.debian.org/security/2022/dsa-5096https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755https://lists.debian.org/debian-lts-announce/2022/03/msg00012.htmlhttps://security.netapp.com/advisory/ntap-20230110-0002/https://www.debian.org/security/2022/dsa-5096https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22600
2022-01-26
Published
2022-04-11
Added to CISA KEV
Exploited in the wild