Main Vulnerability Database Exploits ID:11973 - Exploit for Double Free in Linux kernel - CVE-2021-22600

ID:11973 - Exploit for Double Free in Linux kernel - CVE-2021-22600

Published: September 19, 2025

Vulnerability identifier: #VU63766

Vulnerability risk: High

CVE-ID: CVE-2021-22600

CWE-ID: CWE-415

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://github.com/Chinmay1743/af_packet.c

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the packet_set_ring() function in net/packet/af_packet.c. A local user can pass specially crafted data to the application, trigger double free error and escalate privileges on the system.

Note, the vulnerability is being actively exploited in the wild against Android users.

Remediation

Install updates from vendor's website.

ID:11973 - Exploit for Double Free in Linux kernel - CVE-2021-22600

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human