CVE-2021-3609 log

Severity Medium
Remote No
Type Privilege escalation
A race condition in net/can/bcm.c in the Linux kernel before version 5.13.2 allows for local privilege escalation to root. The CAN BCM networking protocol allows to register a CAN message receiver for a specified socket. The function bcm_rx_handler() is run for incoming CAN messages. Simultaneously to running this function, the socket can be closed and bcm_release() will be called. Inside bcm_release(), struct bcm_op and struct bcm_sock are freed while bcm_rx_handler() is still running, finally leading to multiple use-after-free's.
Group Package Affected Fixed Severity Status Ticket
AVG-2184 linux-lts 5.10.51-1 5.10.52-1 High Fixed
AVG-2183 linux-hardened 5.12.18.hardened1-1 5.12.19.hardened1-1 High Fixed
AVG-2182 linux-zen 5.13.1.zen1-1 5.13.4.zen1-1 High Fixed
AVG-2181 linux 5.13.1.arch1-1 5.13.4.arch1-1 High Fixed
Date Advisory Group Package Severity Type
21 Jul 2021 ASA-202107-51 AVG-2184 linux-lts High privilege escalation
21 Jul 2021 ASA-202107-50 AVG-2183 linux-hardened High privilege escalation
21 Jul 2021 ASA-202107-49 AVG-2182 linux-zen High privilege escalation
21 Jul 2021 ASA-202107-48 AVG-2181 linux High privilege escalation