{"id":"LSN-0078-1","summary":"Kernel Live Patch Security Notice","details":"Norbert Slusarek discovered a race condition in the CAN BCM networking\nprotocol of the Linux kernel leading to multiple use-after-free\nvulnerabilities. A local attacker could use this issue to execute arbitrary\ncode.(CVE-2021-3609)","modified":"2026-04-27T15:12:49.713199Z","published":"2021-07-19T05:41:57Z","upstream":["CVE-2021-3609","UBUNTU-CVE-2021-3609"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/LSN-0078-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-3609"}],"affected":[{"package":{"name":"linux-hwe","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/linux-hwe@4.15.0-147.151~16.04.1?arch=source&distro=esm-infra/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-147.151~16.04.1"}]}],"versions":["4.8.0-36.36~16.04.1","4.8.0-39.42~16.04.1","4.8.0-41.44~16.04.1","4.8.0-42.45~16.04.1","4.8.0-44.47~16.04.1","4.8.0-45.48~16.04.1","4.8.0-46.49~16.04.1","4.8.0-49.52~16.04.1","4.8.0-51.54~16.04.1","4.8.0-52.55~16.04.1","4.8.0-53.56~16.04.1","4.8.0-54.57~16.04.1","4.8.0-56.61~16.04.1","4.8.0-58.63~16.04.1","4.10.0-27.30~16.04.2","4.10.0-28.32~16.04.2","4.10.0-30.34~16.04.1","4.10.0-32.36~16.04.1","4.10.0-33.37~16.04.1","4.10.0-35.39~16.04.1","4.10.0-37.41~16.04.1","4.10.0-38.42~16.04.1","4.10.0-40.44~16.04.1","4.10.0-42.46~16.04.1","4.13.0-26.29~16.04.2","4.13.0-31.34~16.04.1","4.13.0-32.35~16.04.1","4.13.0-36.40~16.04.1","4.13.0-37.42~16.04.1","4.13.0-38.43~16.04.1","4.13.0-39.44~16.04.1","4.13.0-41.46~16.04.1","4.13.0-43.48~16.04.1","4.13.0-45.50~16.04.1","4.15.0-24.26~16.04.1","4.15.0-29.31~16.04.1","4.15.0-30.32~16.04.1","4.15.0-32.35~16.04.1","4.15.0-33.36~16.04.1","4.15.0-34.37~16.04.1","4.15.0-36.39~16.04.1","4.15.0-38.41~16.04.1","4.15.0-39.42~16.04.1","4.15.0-42.45~16.04.1","4.15.0-43.46~16.04.1","4.15.0-45.48~16.04.1","4.15.0-46.49~16.04.1","4.15.0-47.50~16.04.1","4.15.0-48.51~16.04.1","4.15.0-50.54~16.04.1","4.15.0-51.55~16.04.1","4.15.0-52.56~16.04.1","4.15.0-54.58~16.04.1","4.15.0-55.60~16.04.2","4.15.0-58.64~16.04.1","4.15.0-60.67~16.04.1","4.15.0-62.69~16.04.1","4.15.0-64.73~16.04.1","4.15.0-65.74~16.04.1","4.15.0-66.75~16.04.1","4.15.0-69.78~16.04.1","4.15.0-70.79~16.04.1","4.15.0-72.81~16.04.1","4.15.0-74.83~16.04.1","4.15.0-76.86~16.04.1","4.15.0-88.88~16.04.1","4.15.0-91.92~16.04.1","4.15.0-96.97~16.04.1","4.15.0-99.100~16.04.1","4.15.0-101.102~16.04.1","4.15.0-106.107~16.04.1","4.15.0-107.108~16.04.1","4.15.0-112.113~16.04.1","4.15.0-115.116~16.04.1","4.15.0-117.118~16.04.1","4.15.0-118.119~16.04.1","4.15.0-120.122~16.04.1","4.15.0-122.124~16.04.1","4.15.0-123.126~16.04.1","4.15.0-126.129~16.04.1","4.15.0-128.131~16.04.1","4.15.0-129.132~16.04.1","4.15.0-132.136~16.04.1","4.15.0-133.137~16.04.1","4.15.0-136.140~16.04.1","4.15.0-137.141~16.04.1","4.15.0-139.143~16.04.1","4.15.0-140.144~16.04.1","4.15.0-142.146~16.04.1","4.15.0-143.147~16.04.3","4.15.0-144.148~16.04.1"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_4_15_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux@4.15.0-147.151?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-147.151"}]}],"versions":["4.13.0-16.19","4.13.0-17.20","4.13.0-25.29","4.13.0-32.35","4.15.0-10.11","4.15.0-12.13","4.15.0-13.14","4.15.0-15.16","4.15.0-19.20","4.15.0-20.21","4.15.0-22.24","4.15.0-23.25","4.15.0-24.26","4.15.0-29.31","4.15.0-30.32","4.15.0-32.35","4.15.0-33.36","4.15.0-34.37","4.15.0-36.39","4.15.0-38.41","4.15.0-39.42","4.15.0-42.45","4.15.0-43.46","4.15.0-44.47","4.15.0-45.48","4.15.0-46.49","4.15.0-47.50","4.15.0-48.51","4.15.0-50.54","4.15.0-51.55","4.15.0-52.56","4.15.0-54.58","4.15.0-55.60","4.15.0-58.64","4.15.0-60.67","4.15.0-62.69","4.15.0-64.73","4.15.0-65.74","4.15.0-66.75","4.15.0-69.78","4.15.0-70.79","4.15.0-72.81","4.15.0-74.84","4.15.0-76.86","4.15.0-88.88","4.15.0-91.92","4.15.0-96.97","4.15.0-99.100","4.15.0-101.102","4.15.0-106.107","4.15.0-108.109","4.15.0-109.110","4.15.0-111.112","4.15.0-112.113","4.15.0-115.116","4.15.0-117.118","4.15.0-118.119","4.15.0-121.123","4.15.0-122.124","4.15.0-123.126","4.15.0-124.127","4.15.0-126.129","4.15.0-128.131","4.15.0-129.132","4.15.0-130.134","4.15.0-132.136","4.15.0-134.138","4.15.0-135.139","4.15.0-136.140","4.15.0-137.141","4.15.0-139.143","4.15.0-140.144","4.15.0-141.145","4.15.0-142.146","4.15.0-143.147","4.15.0-144.148"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_4_15_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux-gke-4.15","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux-gke-4.15@4.15.0-1079.84?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.15.0-1030.32","4.15.0-1032.34","4.15.0-1033.35","4.15.0-1034.36","4.15.0-1036.38","4.15.0-1037.39","4.15.0-1040.42","4.15.0-1041.43","4.15.0-1042.44","4.15.0-1044.46","4.15.0-1045.48","4.15.0-1046.49","4.15.0-1048.51","4.15.0-1049.52","4.15.0-1050.53","4.15.0-1052.55","4.15.0-1055.58","4.15.0-1057.60","4.15.0-1058.61","4.15.0-1059.62","4.15.0-1063.66","4.15.0-1064.67","4.15.0-1066.69","4.15.0-1067.70","4.15.0-1069.72","4.15.0-1070.73","4.15.0-1072.76","4.15.0-1073.78","4.15.0-1074.79","4.15.0-1076.81","4.15.0-1077.82","4.15.0-1078.83","4.15.0-1079.84"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_4_15_0[_|\\d]+_gke_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux-gke-5.4","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux-gke-5.4@5.4.0-1046.48~18.04.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1046.48~18.04.1"}]}],"versions":["5.4.0-1025.25~18.04.1","5.4.0-1027.28~18.04.1","5.4.0-1029.31~18.04.1","5.4.0-1030.32~18.04.1","5.4.0-1032.34~18.04.1","5.4.0-1033.35~18.04.1","5.4.0-1035.37~18.04.1","5.4.0-1036.38~18.04.1","5.4.0-1037.39~18.04.1","5.4.0-1039.41~18.04.1","5.4.0-1040.42~18.04.1","5.4.0-1042.44~18.04.1","5.4.0-1043.45~18.04.1","5.4.0-1044.46~18.04.1"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gke_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux-gkeop-5.4","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux-gkeop-5.4@5.4.0-1018.19~18.04.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1018.19~18.04.1"}]}],"versions":["5.4.0-1001.1","5.4.0-1003.3","5.4.0-1004.5","5.4.0-1005.6","5.4.0-1007.8~18.04.1","5.4.0-1008.9~18.04.1","5.4.0-1009.10~18.04.1","5.4.0-1010.11~18.04.1","5.4.0-1011.12~18.04.2","5.4.0-1012.13~18.04.1","5.4.0-1013.14~18.04.1","5.4.0-1014.15~18.04.1","5.4.0-1015.16~18.04.1","5.4.0-1016.17~18.04.1"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gkeop_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux-hwe-5.4","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux-hwe-5.4@5.4.0-77.86~18.04.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-77.86~18.04.1"}]}],"versions":["5.4.0-37.41~18.04.1","5.4.0-39.43~18.04.1","5.4.0-40.44~18.04.1","5.4.0-42.46~18.04.1","5.4.0-45.49~18.04.2","5.4.0-47.51~18.04.1","5.4.0-48.52~18.04.1","5.4.0-51.56~18.04.1","5.4.0-52.57~18.04.1","5.4.0-53.59~18.04.1","5.4.0-54.60~18.04.1","5.4.0-56.62~18.04.1","5.4.0-58.64~18.04.1","5.4.0-59.65~18.04.1","5.4.0-60.67~18.04.1","5.4.0-62.70~18.04.1","5.4.0-64.72~18.04.1","5.4.0-65.73~18.04.1","5.4.0-66.74~18.04.2","5.4.0-67.75~18.04.1","5.4.0-70.78~18.04.1","5.4.0-71.79~18.04.1","5.4.0-72.80~18.04.1","5.4.0-73.82~18.04.1","5.4.0-74.83~18.04.1"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux-oem","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux-oem@4.15.0-1103.114?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.15.0-1002.3","4.15.0-1004.5","4.15.0-1006.9","4.15.0-1008.11","4.15.0-1009.12","4.15.0-1012.15","4.15.0-1013.16","4.15.0-1015.18","4.15.0-1017.20","4.15.0-1018.21","4.15.0-1021.24","4.15.0-1024.29","4.15.0-1026.31","4.15.0-1028.33","4.15.0-1030.35","4.15.0-1033.38","4.15.0-1034.39","4.15.0-1035.40","4.15.0-1036.41","4.15.0-1038.43","4.15.0-1039.44","4.15.0-1043.48","4.15.0-1045.50","4.15.0-1050.57","4.15.0-1056.65","4.15.0-1057.66","4.15.0-1059.68","4.15.0-1063.72","4.15.0-1064.73","4.15.0-1065.75","4.15.0-1066.76","4.15.0-1067.77","4.15.0-1069.79","4.15.0-1073.83","4.15.0-1076.86","4.15.0-1079.89","4.15.0-1080.90","4.15.0-1081.91","4.15.0-1087.97","4.15.0-1090.100","4.15.0-1091.101","4.15.0-1093.103","4.15.0-1094.104","4.15.0-1096.106","4.15.0-1097.107","4.15.0-1099.109","4.15.0-1100.110","4.15.0-1101.112","4.15.0-1102.113","4.15.0-1103.114"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_4_15_0[_|\\d]+_oem_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/linux@5.4.0-77.86?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-77.86"}]}],"versions":["5.3.0-18.19","5.3.0-24.26","5.4.0-9.12","5.4.0-18.22","5.4.0-21.25","5.4.0-24.28","5.4.0-25.29","5.4.0-26.30","5.4.0-28.32","5.4.0-29.33","5.4.0-31.35","5.4.0-33.37","5.4.0-37.41","5.4.0-39.43","5.4.0-40.44","5.4.0-42.46","5.4.0-45.49","5.4.0-47.51","5.4.0-48.52","5.4.0-51.56","5.4.0-52.57","5.4.0-53.59","5.4.0-54.60","5.4.0-56.62","5.4.0-58.64","5.4.0-59.65","5.4.0-60.67","5.4.0-62.70","5.4.0-64.72","5.4.0-65.73","5.4.0-66.74","5.4.0-67.75","5.4.0-70.78","5.4.0-71.79","5.4.0-72.80","5.4.0-73.82","5.4.0-74.83"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux-gcp","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp@5.4.0-1046.49?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1046.49"}]}],"versions":["5.3.0-1004.4","5.3.0-1009.10","5.3.0-1011.12","5.4.0-1005.5","5.4.0-1007.7","5.4.0-1008.8","5.4.0-1009.9","5.4.0-1011.11","5.4.0-1015.15","5.4.0-1018.18","5.4.0-1019.19","5.4.0-1021.21","5.4.0-1022.22","5.4.0-1024.24","5.4.0-1025.25","5.4.0-1028.29","5.4.0-1029.31","5.4.0-1030.32","5.4.0-1032.34","5.4.0-1033.35","5.4.0-1034.37","5.4.0-1036.39","5.4.0-1037.40","5.4.0-1038.41","5.4.0-1040.43","5.4.0-1041.44","5.4.0-1042.45","5.4.0-1043.46","5.4.0-1044.47"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gcp_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux-gke","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/linux-gke@5.4.0-1046.48?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1046.48"}]}],"versions":["5.4.0-1033.35","5.4.0-1035.37","5.4.0-1036.38","5.4.0-1037.39","5.4.0-1039.41","5.4.0-1041.43","5.4.0-1042.44","5.4.0-1043.45","5.4.0-1044.46"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gke_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}},{"package":{"name":"linux-gkeop","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/linux-gkeop@5.4.0-1018.19?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1018.19"}]}],"versions":["5.4.0-1008.9","5.4.0-1009.10","5.4.0-1010.11","5.4.0-1011.12","5.4.0-1012.13","5.4.0-1013.14","5.4.0-1014.15","5.4.0-1015.16","5.4.0-1016.17"],"ecosystem_specific":{"availability":"Livepatch subscription required","module_version":"78","module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gkeop_(\\d+)"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json"}}],"schema_version":"1.7.5"}