USN-5002-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2021-3609 UBUNTU-CVE-2021-3609

Published: 23 Jun 2021, 04:12

Last modified:23 May 2026, 01:32

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

23 Jun 2021, 04:12

Published

Vulnerability first disclosed

23 May 2026, 01:32

Last Modified

Vulnerability information updated

Description

linux-hwe, linux-gke-5.3, linux-raspi2-5.3 vulnerability Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code.

Affected Systems

ubuntu•linux-gke-5.3
< 5.3.0-1044.47
ubuntu•linux-hwe
< 5.3.0-75.71
ubuntu•linux-raspi2-5.3
< 5.3.0-1041.43

References (2)

https://ubuntu.com/security/notices/USN-5002-1
https://ubuntu.com/security/CVE-2021-3609