CVE-2021-32606

Published: May 11, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.openwall.com/lists/oss-security/2021/05/11/16

[oss-security] 20210512 Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation

mailing-list

[oss-security] 20210514 Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation

mailing-list

[oss-security] 20210514 Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation

mailing-list

FEDORA-2021-4f852b79d1

vendor-advisory

FEDORA-2021-bae582b42c

vendor-advisory

FEDORA-2021-8832eab899

vendor-advisory

[oss-security] 20210528 Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation

mailing-list

https://security.netapp.com/advisory/ntap-20210625-0001/

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2b17c400aeb44daf041627722581ade527bb3c1d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-32606

Description

Affected Products

References