CVE-2021-34693 log

Source
Severity Medium
Remote No
Type Information disclosure
Description
net/can/bcm.c in the Linux kernel before 5.12.13 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
Group Package Affected Fixed Severity Status Ticket
AVG-2097 linux-lts 5.10.45-1 5.10.46-1 Medium Fixed
AVG-2096 linux-hardened 5.12.12.hardened1-1 5.12.13.hardened1-1 Medium Fixed
AVG-2095 linux-zen 5.12.12.zen1-1 5.12.13.zen1-1 Medium Fixed
AVG-2094 linux 5.12.12.arch1-1 5.12.13.arch1-1 Medium Fixed
References
https://www.openwall.com/lists/oss-security/2021/06/15/1
https://github.com/nrb547/kernel-exploitation/tree/main/cve-2021-34693
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.13&id=dc6415cb5cf8ebc8b334b7d0be916a0bf4353779
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.46&id=acb755be1f7adb204dcedc4d3b204ef098628623