12 matches found
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2024-0014)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt...
USN-5505-1: Linux kernel vulnerabilities
Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...
CVE-2021-3609
CVE-2021-3609 is a local privilege-escalation flaw in the Linux kernel CAN BCM subsystem. A race in net/can/bcm.c between bcm_rx_handler() and bcm_release() can free bcm_op/bcm_sock structures while the handler runs, enabling use-after-free and root access. Public advisories consistently describe...
Ubuntu: Security Advisory (USN-4997-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:2687-1 Rating: important References: 1065729 1085224 1094840 1113295 1152472 1152489 1153274 1154353 1155518 1156395 1170511 1176447 1176940 1179243 1180092 1180814 1183871 1184114 1184350 1184631...
Debian: Security Advisory (DSA-4941-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2714-1] linux-4.19 security update
Debian LTS Advisory DLA-2714-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings July 20, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.194-3deb9u1 CVE ID : CVE-2020-36311 CVE-2021-3609 CVE-2021-33909 CVE-2021-34693 Debian Bug : 990072 Several...
Ubuntu: Security Advisory (USN-5002-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4999-1: Linux kernel vulnerabilities
Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Piotr Krysiuk discovered that the eBPF implementation in the Linux...
Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5003-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5003-1 advisory. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free...
Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerability (USN-5002-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5002-1 advisory. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local...
CVE-2021-3609
A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. Mitigation As the CAN module will be auto-loaded when required, its use can be disabled by preventing t...