Vulnerabilities > CVE-2021-3609
Attack vector
LOCAL Attack complexity
HIGH Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.
Vulnerable Configurations
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1971651
- https://bugzilla.redhat.com/show_bug.cgi?id=1971651
- https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md
- https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md
- https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463
- https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463
- https://security.netapp.com/advisory/ntap-20220419-0004/
- https://security.netapp.com/advisory/ntap-20220419-0004/
- https://www.openwall.com/lists/oss-security/2021/06/19/1
- https://www.openwall.com/lists/oss-security/2021/06/19/1