CVE-2021-3609

CVSS V2 Medium 6.9 CVSS V3 High 7
Description
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.
Overview
  • CVE ID
  • CVE-2021-3609
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Undergoing Analysis
  • Published Version
  • 2022-03-03T19:15:08
  • Last Modified Date
  • 2023-02-12T23:41:20
Weakness Enumerations
CWE URL
CWE-362 http://cwe.mitre.org/data/definitions/362.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:* 1 OR 2.6.25 5.13
cpe:2.3:a:linux:linux_kernel:5.13:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:linux:linux_kernel:5.13:rc2:*:*:*:*:*:* 1 OR
cpe:2.3:a:linux:linux_kernel:5.13:rc3:*:*:*:*:*:* 1 OR
cpe:2.3:a:linux:linux_kernel:5.13:rc4:*:*:*:*:*:* 1 OR
cpe:2.3:a:linux:linux_kernel:5.13:rc5:*:*:*:*:*:* 1 OR
cpe:2.3:a:linux:linux_kernel:5.13:rc6:*:*:*:*:*:* 1 OR
AND
cpe:2.3:a:redhat:3scale_api_management:2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:build_of_quarkus:1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:openshift_container_platform:4.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:openshift_container_platform:4.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:* 1 OR
AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:L/AC:M/Au:N/C:C/I:C/A:C
  • Access Vector
  • LOCAL
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 6.9
  • Severity
  • MEDIUM
  • Exploitability Score
  • 3.4
  • Impact Score
  • 10
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • LOCAL
  • Attack Compatibility
  • HIGH
  • Privileges Required
  • LOW
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 7
  • Base Severity
  • HIGH
  • Exploitability Score
  • 1
  • Impact Score
  • 5.9
References
Reference URL Reference Tags
https://access.redhat.com/errata/RHSA-2021:3044
https://access.redhat.com/errata/RHSA-2021:3057
https://access.redhat.com/errata/RHSA-2021:3088
https://access.redhat.com/errata/RHSA-2021:3235
https://access.redhat.com/errata/RHSA-2021:3363
https://access.redhat.com/errata/RHSA-2021:3375
https://access.redhat.com/errata/RHSA-2021:3380
https://access.redhat.com/errata/RHSA-2021:3442
https://access.redhat.com/errata/RHSA-2021:3444
https://access.redhat.com/security/cve/CVE-2021-3609
https://bugzilla.redhat.com/show_bug.cgi?id=1971651 Issue Tracking Third Party Advisory
https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md Exploit Technical Description Third Party Advisory
https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463 Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20220419-0004/ Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/06/19/1 Mailing List Third Party Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2021-3609
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3609
History
Created Old Value New Value Data Type Notes
2022-04-20 17:00:32 Added to TrackCVE
2022-12-06 11:15:53 2022-03-03T19:15Z 2022-03-03T19:15:08 CVE Published Date updated
2022-12-06 11:15:53 2022-10-06T16:21:03 CVE Modified Date updated
2022-12-06 11:15:53 Analyzed Vulnerability Status updated
2022-12-12 19:13:34 Analyzed Undergoing Analysis Vulnerability Status updated
2023-02-02 23:13:16 2023-02-02T21:21:08 CVE Modified Date updated
2023-02-02 23:13:16 .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. Description updated
2023-02-02 23:13:18 References updated
2023-02-13 00:13:56 2023-02-12T23:41:20 CVE Modified Date updated
2023-02-13 00:13:56 A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. Description updated