Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2021-3609

UNKNOWN
Published 2022-03-03T18:24:59
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-3609. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-rv9w-mxpp-hwhj

Advisory Details

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-3609
WEB https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463
WEB https://access.redhat.com/errata/RHSA-2021:3044
WEB https://access.redhat.com/errata/RHSA-2021:3057
WEB https://access.redhat.com/errata/RHSA-2021:3088
WEB https://access.redhat.com/errata/RHSA-2021:3235
WEB https://access.redhat.com/errata/RHSA-2021:3363
WEB https://access.redhat.com/errata/RHSA-2021:3375
WEB https://access.redhat.com/errata/RHSA-2021:3380
WEB https://access.redhat.com/errata/RHSA-2021:3442
WEB https://access.redhat.com/errata/RHSA-2021:3444
WEB https://access.redhat.com/security/cve/CVE-2021-3609
WEB https://bugzilla.redhat.com/show_bug.cgi?id=1971651
WEB https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md
WEB https://security.netapp.com/advisory/ntap-20220419-0004
WEB https://www.openwall.com/lists/oss-security/2021/06/19/1

Advisory provided by GitHub Security Advisory Database. Published: March 4, 2022, Modified: March 17, 2022

References

https://bugzilla.redhat.com/show_bug.cgi?id=1971651
https://www.openwall.com/lists/oss-security/2021/06/19/1
https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md
https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463
https://security.netapp.com/advisory/ntap-20220419-0004/
Published: 2022-03-03T18:24:59
Last Modified: 2024-08-03T17:01:07.458Z
Copied to clipboard!