A local privilege escalation vulnerability (CVE-2021-22555) was recently discovered in the Linux Netfilter module. This vulnerability was exploited in kCTF to attack Kubernetes pod containers to achieve container escape. CVE-2021-22555 poses high risks. We recommend that you detect and fix it as soon as possible.
- Vulnerability ID: CVE-2021-22555
- Vulnerability severity: high
- Affected versions: Linux operating systems whose kernel versions are
- Affected Elastic Compute Service (ECS) images:
  - Alibaba Cloud Linux 2/3
  - CentOS 7/8
  - Red Hat 7/8
  - Ubuntu 14/16/18/20
  - Debian 8/9/10
  - SUSE Linux Enterprise Server 12/15
  - OpenSUSE 42.3/15
A heap out-of-bounds write vulnerability was found in the IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE setsockopt implementations in the Linux Netfilter module. This vulnerability allows local users to escalate privileges through user namespaces and can be exploited in kCTF to attack Kubernetes pod containers and achieve container escape. This vulnerability has existed in Linux kernel code for 15 years.
Red Hat suggests the following temporary fix:
echo 0 > /proc/sys/user/max_user_namespaces
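The following is an added example, not part of the original advisory or of Red Hat's guidance: a shell check that reports whether user namespace creation is currently disabled and whether the setting is persisted, since a value written with the `echo` above does not survive a reboot. The function names, the Debian/Ubuntu-specific `kernel.unprivileged_userns_clone` sysctl and the `/etc/sysctl.d` persistence check are assumptions that do not come from this page.

```shell
#!/bin/sh
# Added example: verify the user-namespace mitigation for CVE-2021-22555.
# Both functions take an optional root directory so they can be tested
# against a constructed tree instead of the live /proc and /etc.

# Prints "disabled", "enabled" or "unknown" for the running kernel.
userns_status() {
    proc_root="${1:-/proc}"
    max_file="$proc_root/sys/user/max_user_namespaces"
    # Assumption: Debian/Ubuntu kernels expose this extra switch.
    clone_file="$proc_root/sys/kernel/unprivileged_userns_clone"

    if [ -r "$max_file" ] && [ "$(cat "$max_file")" = "0" ]; then
        echo disabled; return 0
    fi
    if [ -r "$clone_file" ] && [ "$(cat "$clone_file")" = "0" ]; then
        echo disabled; return 0
    fi
    if [ ! -r "$max_file" ] && [ ! -r "$clone_file" ]; then
        echo unknown; return 0   # neither sysctl is exposed
    fi
    echo enabled
}

# Prints "yes" if a sysctl file under ETC_ROOT sets
# user.max_user_namespaces = 0, otherwise "no".
# Only /etc is inspected; a later file may still override the value.
userns_persisted() {
    etc_root="${1:-/etc}"
    pattern='^[[:space:]]*user\.max_user_namespaces[[:space:]]*=[[:space:]]*0[[:space:]]*$'
    for f in "$etc_root/sysctl.conf" "$etc_root"/sysctl.d/*.conf; do
        [ -f "$f" ] || continue
        if grep -Eq "$pattern" "$f"; then
            echo yes; return 0
        fi
    done
    echo no
}

echo "user namespaces at runtime: $(userns_status)"
echo "mitigation persisted in /etc: $(userns_persisted)"
```

A host that reports `disabled` at runtime but `no` for persistence returns to the vulnerable configuration after the next reboot unless the kernel has been patched.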
- Linux: Heap Out-Of-Bounds Write in xt_compat_target_from_user
- CVE-2021-22555 Detail
If you have any questions or feedback, submit a ticket to contact Alibaba Cloud.
Alibaba Cloud Computing Co., Ltd.