CVE-2021-34693

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

References

https://lore.kernel.org/netdev/[email protected]p-gmx-bs04/T/

http://www.openwall.com/lists/oss-security/2021/06/15/1

https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html

https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html

https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html

Details

Source: MITRE

Published: 2021-06-14

Updated: 2021-07-21

Type: CWE-909

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from 2.6.25 to 5.12.10 (inclusive)

Tenable Plugins

View all (28 total)

IDNameProductFamilySeverity
153476Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel (GCP) vulnerabilities (USN-5073-2)NessusUbuntu Local Security Checks
high
153221OracleVM 3.4 : Unbreakable / etc (OVMSA-2021-0030)NessusOracleVM Local Security Checks
medium
153177Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5073-1)NessusUbuntu Local Security Checks
high
153174Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5070-1)NessusUbuntu Local Security Checks
high
153172Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9442)NessusOracle Linux Local Security Checks
medium
153148Debian DLA-2714-1 : linux-4.19 - LTS security updateNessusDebian Local Security Checks
high
152639Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5045-1)NessusUbuntu Local Security Checks
medium
152388Photon OS 3.0: Linux PHSA-2021-3.0-0278NessusPhotonOS Local Security Checks
high
152055SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2451-1)NessusSuSE Local Security Checks
high
151998SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2422-1)NessusSuSE Local Security Checks
high
151996SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2426-1)NessusSuSE Local Security Checks
high
151989SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2427-1)NessusSuSE Local Security Checks
high
151986SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2421-1)NessusSuSE Local Security Checks
high
151935openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2427-1)NessusSuSE Local Security Checks
high
151897Slackware 14.2 : Slackware 14.2 kernel (SSA:2021-202-01)NessusSlackware Local Security Checks
high
151891Debian DLA-2713-1 : linux - LTS security updateNessusDebian Local Security Checks
medium
151890Debian DSA-4941-1 : linux - security updateNessusDebian Local Security Checks
medium
151878SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2406-1)NessusSuSE Local Security Checks
high
151760SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2352-1)NessusSuSE Local Security Checks
medium
151754openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2305-1)NessusSuSE Local Security Checks
medium
151691openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2352-1)NessusSuSE Local Security Checks
medium
151658SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2349-1)NessusSuSE Local Security Checks
high
151653SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:2324-1)NessusSuSE Local Security Checks
high
151652SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2325-1)NessusSuSE Local Security Checks
high
151649SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2321-1)NessusSuSE Local Security Checks
high
151618SUSE SLES11 Security Update : kernel (SUSE-SU-2021:14764-1)NessusSuSE Local Security Checks
high
151617SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2303-1)NessusSuSE Local Security Checks
high
151616SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2305-1)NessusSuSE Local Security Checks
medium