exploitDog

CVE-2021-3609

Опубликовано: 03 мар. 2022

Источник: nvd

CVSS3: 7

CVSS2: 6.9

EPSS Низкий

Описание

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=1971651
Issue Tracking
Third Party Advisory
https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md
Exploit
Technical Description
Third Party Advisory
https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220419-0004/
Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/06/19/1
Mailing List
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1971651
Issue Tracking
Third Party Advisory
https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md
Exploit
Technical Description
Third Party Advisory
https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220419-0004/
Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/06/19/1
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 2.6.25 (включая) до 4.4.276 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.5 (включая) до 4.9.276 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.10 (включая) до 4.14.240 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.15 (включая) до 4.19.198 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.4.132 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.5.0 (включая) до 5.10.50 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.12.17 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.13 (включая) до 5.13.2 (исключая)

Конфигурация 2

Одно из

cpe:2.3:a:redhat:3scale_api_management:2.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:build_of_quarkus:1.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:codeready_linux_builder_eus:8.1:*:*:*:*:*:*:*

cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:*

cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:*:*

cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*

cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*

cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.7:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.8:*:*:*:*:*:*:*

cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:8.1:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Конфигурация 7

Одновременно

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Конфигурация 8

Одновременно

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Конфигурация 9

Одновременно

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Конфигурация 10

Одновременно

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Конфигурация 11

Одновременно

cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*

Конфигурация 12

Одновременно

cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Конфигурация 13

Одновременно

cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00055

Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362

CWE-362

Связанные уязвимости

CVE-2021-3609

CVSS3: 7

ubuntu

больше 3 лет назад

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

CVE-2021-3609

CVSS3: 7

redhat

около 4 лет назад

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

CVE-2021-3609

CVSS3: 7

msrc

больше 3 лет назад

Описание отсутствует

CVE-2021-3609

CVSS3: 7

debian

больше 3 лет назад

.A flaw was found in the CAN BCM networking protocol in the Linux kern ...

GHSA-rv9w-mxpp-hwhj

CVSS3: 7

github

больше 3 лет назад

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

EPSS

Процентиль: 17%

0.00055

Низкий

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362

CWE-362