Vulnerability intelligence
CVE-2021-22555
Linux Kernel Heap Out-of-Bounds Write Vulnerability
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CVSS Score
8.3
High
EPSS — Exploit Probability
85%
Riskier than 99% of all CVEs
Exploitation
Confirmed in the wild
Used in ransomware campaigns
Remediation
Patch available
Federal deadline 2025-10-27
CISA required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2025-10-27.
1 article across 1 outlet · first covered May 7, 2026 · latest May 7, 2026
Coverage timeline
-
Office and Windows flaws boost exploit kits in Q1 2026securelist.com · May 7, 2026