CVE-2021-3609

Summary

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

Affected Software

VendorProductVersion RangeStatus
n/akernelAffects kernel v2.6.25 to v5.13-rc6affected

Weaknesses

  • CWE-362: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

ADP Enrichment

CVE Program Container

Additional References

References