.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| linux | linux_kernel | 2.6.25 - 4.4.276 | - |
| linux | linux_kernel | 4.5 - 4.9.276 | - |
| linux | linux_kernel | 4.10 - 4.14.240 |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
57
Affected Products
10
References
linux / linux_kernel
| - |
| linux | linux_kernel | 4.15 - 4.19.198 | - |
| linux | linux_kernel | 4.20 - 5.4.132 | - |
| linux | linux_kernel | 5.5.0 - 5.10.50 | - |
| linux | linux_kernel | 5.11 - 5.12.17 | - |
| linux | linux_kernel | 5.13 - 5.13.2 | - |
| redhat | 3scale_api_management | - | - |
| redhat | build_of_quarkus | - | - |
| redhat | codeready_linux_builder_eus | - | - |
| redhat | codeready_linux_builder_eus | - | - |
| redhat | codeready_linux_builder_eus | - | - |
| redhat | codeready_linux_builder_for_power_little_endian_eus | - | - |
| redhat | codeready_linux_builder_for_power_little_endian_eus | - | - |
| redhat | codeready_linux_builder_for_power_little_endian_eus | - | - |
| redhat | openshift_container_platform | - | - |
| redhat | openshift_container_platform | - | - |
| redhat | openshift_container_platform | - | - |
| redhat | virtualization | - | - |
| redhat | virtualization_host | - | - |
| redhat | enterprise_linux_aus | - | - |
| redhat | enterprise_linux_eus | - | - |
| redhat | enterprise_linux_eus | - | - |
| redhat | enterprise_linux_eus | - | - |
| redhat | enterprise_linux_for_ibm_z_systems_eus | - | - |
| redhat | enterprise_linux_for_ibm_z_systems_eus_s390x | - | - |
| redhat | enterprise_linux_for_power_little_endian_eus | - | - |
| redhat | enterprise_linux_for_power_little_endian_eus | - | - |
| redhat | enterprise_linux_for_power_little_endian_eus | - | - |
| redhat | enterprise_linux_for_real_time | - | - |
| redhat | enterprise_linux_for_real_time_for_nfv | - | - |
| redhat | enterprise_linux_for_real_time_for_nfv_tus | - | - |
| redhat | enterprise_linux_for_real_time_for_nfv_tus | - | - |
| redhat | enterprise_linux_for_real_time_tus | - | - |
| redhat | enterprise_linux_for_real_time_tus | - | - |
| redhat | enterprise_linux_server_aus | - | - |
| redhat | enterprise_linux_server_aus | - | - |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | - | - |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | - | - |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | - | - |
| redhat | enterprise_linux_server_tus | - | - |
| redhat | enterprise_linux_server_tus | - | - |
| redhat | enterprise_linux_server_update_services_for_sap_solutions | - | - |
| redhat | enterprise_linux_server_update_services_for_sap_solutions | - | - |
| redhat | enterprise_linux_server_update_services_for_sap_solutions | - | - |
| netapp | h300s_firmware | - | - |
| netapp | h500s_firmware | - | - |
| netapp | h700s_firmware | - | - |
| netapp | h300e_firmware | - | - |
| netapp | h500e_firmware | - | - |
| netapp | h700e_firmware | - | - |
| netapp | h410s_firmware | - | - |
| netapp | h410c_firmware | - | - |
| netapp | h610c_firmware | - | - |
| netapp | h610s_firmware | - | - |
| netapp | h615c_firmware | - | - |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact