Vulnerabilities > CVE-2021-34693 - Missing Initialization of Resource vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
linux
debian
CWE-909

Summary

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

Vulnerable Configurations

Part Description Count
OS
Linux
4006
OS
Debian
2

Common Weakness Enumeration (CWE)