cve/2021/CVE-2021-3609.md

### [CVE-2021-3609](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3609)
![](https://img.shields.io/static/v1?label=Product&message=kernel&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20Affects%20kernel%20v2.6.25%20to%20v5.13-rc6%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-362%20-%20Concurrent%20Execution%20using%20Shared%20Resource%20with%20Improper%20Synchronization%20('Race%20Condition')&color=brighgreen)

### Description

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

### POC

#### Reference
- https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/kdn111/linux-kernel-exploitation
- https://github.com/khanhdn111/linux-kernel-exploitation
- https://github.com/khanhdz-06/linux-kernel-exploitation
- https://github.com/khanhdz191/linux-kernel-exploitation
- https://github.com/khanhhdz/linux-kernel-exploitation
- https://github.com/khanhhdz06/linux-kernel-exploitation
- https://github.com/khanhnd123/linux-kernel-exploitation
- https://github.com/knd06/linux-kernel-exploitation
- https://github.com/ndk06/linux-kernel-exploitation
- https://github.com/ndk191/linux-kernel-exploitation
- https://github.com/ssr-111/linux-kernel-exploitation
- https://github.com/wkhnh06/linux-kernel-exploitation
- https://github.com/xairy/linux-kernel-exploitation