Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2021-3609
HistoryJun 21, 2021 - 12:00 a.m.

CVE-2021-3609

2021-06-2100:00:00
ubuntu.com
ubuntu.com
52

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

.A flaw was found in the CAN BCM networking protocol in the Linux kernel,
where a local attacker can abuse a flaw in the CAN subsystem to corrupt
memory, crash the system or escalate privileges. This race condition in
net/can/bcm.c in the Linux kernel allows for local privilege escalation to
root.

Bugs

Notes

Author Note
cascardo On 4.4 kernels, a CAN device needs to be present. Otherwise, a virtual device cannot be created without manually loading vcan module.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-147.151UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-77.86UNKNOWN
ubuntu20.10noarchlinux< 5.8.0-59.66UNKNOWN
ubuntu21.04noarchlinux< 5.11.0-22.23UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-229.263) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1106.113UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1051.53UNKNOWN
ubuntu20.10noarchlinux-aws< 5.8.0-1038.40UNKNOWN
ubuntu21.04noarchlinux-aws< 5.11.0-1011.11UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1109.115) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
Rows per page:
1-10 of 701

Related

photon 7
nessus 69
ubuntu 12
cbl_mariner 1
prion 1
veracode 1
openvas 42
osv 16
debiancve 1
cnvd 1
cve 1
redhatcve 1
ibm 2
cloudlinux 2
fedora 2
rocky 2
redhat 13
archlinux 4
mageia 2
oraclelinux 6
almalinux 1
debian 5
suse 4
cloudfoundry 1
amazon 1
redos 1
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0363
2021-06-24 00:00:00
Important Photon OS Security Update - PHSA-2021-0259
2021-06-25 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0408
2021-06-24 00:00:00
nessus
nessus
Photon OS 2.0: Linux PHSA-2021-2.0-0363
2021-06-25 00:00:00
Photon OS 1.0: Linux PHSA-2021-1.0-0408
2021-07-01 00:00:00
Photon OS 3.0: Linux PHSA-2021-3.0-0259
2021-06-25 00:00:00
ubuntu
ubuntu
Kernel Live Patch Security Notice
2021-07-19 00:00:00
Linux kernel (HWE) vulnerability
2021-06-23 00:00:00
Linux kernel vulnerabilities
2021-06-23 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-3609 affecting package kernel 5.10.189.1-1
2022-03-10 23:47:45
prion
prion
Race condition
2022-03-03 19:15:00
veracode
veracode
Privilege Escalation
2021-08-12 15:39:39
openvas
openvas
Ubuntu: Security Advisory (USN-5002-1)
2021-06-24 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2021-95f2f1cfc7)
2021-07-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2842-1)
2021-08-26 00:00:00
osv
osv
linux-hwe, linux-gke-5.3, linux-raspi2-5.3 vulnerability
2021-06-23 04:12:41
CVE-2021-3609
2022-03-03 19:15:08
Important: kernel security, bug fix, and enhancement update
2021-08-10 11:56:07
debiancve
debiancve
CVE-2021-3609
2022-03-03 19:15:00
cnvd
cnvd
Linux Kernel Elevation of Privilege Vulnerability (CNVD-2021-60529)
2021-06-22 00:00:00
cve
cve
CVE-2021-3609
2022-03-03 19:15:00
redhatcve
redhatcve
CVE-2021-3609
2021-06-21 15:38:03
ibm
ibm
Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management
2021-10-04 06:40:34
Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs
2021-10-19 15:38:04
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-3609, CVE-2022-28390
2022-04-19 14:03:46
Fix of CVE: CVE-2022-28390, CVE-2021-3609
2022-04-19 14:04:12
fedora
fedora
[SECURITY] Fedora 34 Update: kernel-5.12.14-300.fc34
2021-07-08 00:58:19
[SECURITY] Fedora 33 Update: kernel-5.12.14-200.fc33
2021-07-08 01:08:51
rocky
rocky
kernel security, bug fix, and enhancement update
2021-08-10 11:56:07
kernel-rt security and bug fix update
2021-08-10 12:10:45
redhat
redhat
(RHSA-2021:3088) Important: kernel-rt security and bug fix update
2021-08-10 12:10:45
(RHSA-2021:3444) Important: kernel security and bug fix update
2021-09-07 14:26:29
(RHSA-2021:3442) Important: kpatch-patch security update
2021-09-07 14:24:32
archlinux
archlinux
[ASA-202107-51] linux-lts: privilege escalation
2021-07-21 00:00:00
[ASA-202107-50] linux-hardened: privilege escalation
2021-07-21 00:00:00
[ASA-202107-49] linux-zen: privilege escalation
2021-07-21 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2021-07-22 10:08:00
Updated kernel packages fix security vulnerabilities
2021-07-22 10:08:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2021-08-11 00:00:00
Unbreakable Enterprise kernel security update
2021-09-16 00:00:00
Unbreakable Enterprise kernel-container security update
2021-09-16 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2021-08-10 11:56:07
debian
debian
[SECURITY] [DLA 2713-2] linux security update
2021-07-20 20:03:38
[SECURITY] [DSA 4941-1] linux security update
2021-07-20 12:53:32
[SECURITY] [DLA 2713-1] linux security update
2021-07-20 19:50:49
suse
suse
Security update for the Linux Kernel (important)
2021-07-22 00:00:00
Security update for the Linux Kernel (important)
2021-08-14 00:00:00
Security update for the Linux Kernel (important)
2021-08-10 00:00:00
cloudfoundry
cloudfoundry
USN-5000-1: Linux kernel vulnerabilities | Cloud Foundry
2021-07-08 00:00:00
amazon
amazon
Important: kernel
2021-09-30 19:25:00
redos
redos
ROS-20220919-01
2022-09-19 00:00:00

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON
Related for UB:CVE-2021-3609
photon7nessus69ubuntu12cbl_mariner1prion1veracode1openvas42osv16debiancve1cnvd1cve1redhatcve1ibm2cloudlinux2fedora2rocky2redhat13archlinux4mageia2oraclelinux6almalinux1debian5suse4cloudfoundry1amazon1redos1