CVE-2021-22555: 
Linux Kernel vulnerability analysis and mitigation

A heap out-of-bounds write vulnerability (CVE-2021-22555) was discovered in the Linux kernel's netfilter subsystem, specifically in net/netfilter/xtables.c. The vulnerability has existed since Linux version 2.6.19-rc1 and affects the processing of setsockopt IPTSOSETREPLACE (or IP6TSOSET_REPLACE) for 32-bit processes on 64-bit systems (CVE, NVD).

The vulnerability occurs in the xtcompattargetfromuser() function where the allocation size for converting 32-bit to 64-bit structures is not properly calculated. When IPTSOSETREPLACE or IP6TSOSETREPLACE is called in compat mode, the target->targetsize is not taken into account for the allocation size, leading to an out-of-bounds write. The issue allows writing up to 4 bytes of zeros past the allocated buffer boundary (GitHub Advisory).

The vulnerability allows local users to gain privileges or cause a denial of service through heap memory corruption when exploited through user namespace. The severity is rated as HIGH with a CVSS score of 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), potentially leading to disclosure of sensitive information, modification of data, or system crashes (NetApp Advisory).

The vulnerability was fixed in Linux kernel version 5.12 with commit b29c457a6511435960115c0f548c4360d5f4801d, and backported to stable versions 5.10.31, 5.4.113, 4.19.188, 4.14.231, 4.9.267, and 4.4.267. Users should update their Linux kernel to these patched versions or later (GitHub Advisory).