CVE-2021-22555: 
Linux Kernel vulnerability analysis and mitigation

A heap out-of-bounds write vulnerability (CVE-2021-22555) was discovered in the Linux kernel's netfilter subsystem, specifically in net/netfilter/x_tables.c. The vulnerability has existed since Linux version 2.6.19-rc1 and affects the processing of setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32-bit processes on 64-bit systems (CVE, NVD).

The vulnerability occurs in the xt_compat_target_from_user() function where the allocation size for converting 32-bit to 64-bit structures is not properly calculated. When IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE is called in compat mode, the target->targetsize is not taken into account for the allocation size, leading to an out-of-bounds write. The issue allows writing up to 4 bytes of zeros past the allocated buffer boundary (GitHub Advisory).

The vulnerability allows local users to gain privileges or cause a denial of service through heap memory corruption when exploited through user namespace. The severity is rated as HIGH with a CVSS score of 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), potentially leading to disclosure of sensitive information, modification of data, or system crashes (NetApp Advisory).

The vulnerability was fixed in Linux kernel version 5.12 with commit b29c457a6511435960115c0f548c4360d5f4801d, and backported to stable versions 5.10.31, 5.4.113, 4.19.188, 4.14.231, 4.9.267, and 4.4.267. Users should update their Linux kernel to these patched versions or later (GitHub Advisory).