LSN-0078-1

Advisory lineage Upstream: 2 Downstream: 0
Published: 19 Jul 2021, 05:41
Last modified:23 May 2026, 01:30

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

19 Jul 2021, 05:41
Published
Vulnerability first disclosed
23 May 2026, 01:30
Last Modified
Vulnerability information updated

Description

Kernel Live Patch Security Notice Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code.(CVE-2021-3609)

Affected Systems

  • ubuntulinux

    < 4.15.0-147.151 | < 5.4.0-77.86 | all

  • ubuntulinux-gcp

    < 5.4.0-1046.49 | all

  • ubuntulinux-gke

    < 5.4.0-1046.48 | all

  • ubuntulinux-gke-4.15

    all

  • ubuntulinux-gke-5.4

    < 5.4.0-1046.48~18.04.1 | all

  • ubuntulinux-gkeop

    < 5.4.0-1018.19 | all

  • ubuntulinux-gkeop-5.4

    < 5.4.0-1018.19~18.04.1 | all

  • ubuntulinux-hwe

    < 4.15.0-147.151~16.04.1 | all

  • ubuntulinux-hwe-5.4

    < 5.4.0-77.86~18.04.1 | all

  • ubuntulinux-oem

    all

References (2)