PT-2021-4222 · Linux+5 · Linux Kernel+5

Norbert Slusarek

·

Published

2021-06-13

·

Updated

2025-09-29

·

CVE-2021-34693

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.12.10
Description The issue allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. This is due to a lack of initialization of a certain data structure in the net/can/bcm.c component of the Linux kernel.
Recommendations For Linux kernel versions through 5.12.10, update to a version later than 5.12.10 to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-909

Related Identifiers

ALSA-2025_16880
ALT-PU-2021-2025
ALT-PU-2021-2026
ALT-PU-2021-2315
ALT-PU-2021-2326
ALT-PU-2021-2330
ALT-PU-2021-3481
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
AZL-6567
BDU:2021-04826
CVE-2021-34693
DLA-2713-1
DLA-2713-2
DLA-2714-1
DSA-4941-1
MGASA-2021-0295
MGASA-2021-0296
OESA-2021-1279
OPENSUSE-SU-2021:2305-1
OPENSUSE-SU-2021:2352-1
OPENSUSE-SU-2021:2427-1
OPENSUSE-SU-2021_2305-1
OPENSUSE-SU-2021_2352-1
OPENSUSE-SU-2021_2427-1
SUSE-SU-2021:14764-1
SUSE-SU-2021:2303-1
SUSE-SU-2021:2305-1
SUSE-SU-2021:2321-1
SUSE-SU-2021:2324-1
SUSE-SU-2021:2325-1
SUSE-SU-2021:2349-1
SUSE-SU-2021:2352-1
SUSE-SU-2021:2406-1
SUSE-SU-2021:2421-1
SUSE-SU-2021:2422-1
SUSE-SU-2021:2426-1
SUSE-SU-2021:2427-1
SUSE-SU-2021:2451-1
SUSE-SU-2021_14764-1
USN-5045-1
USN-5070-1
USN-5073-1
USN-5073-2
USN-5073-3
USN-5299-1
USN-5343-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu