A use-after-free vulnerability was found in the Linux kernel in function hci_sock_bound_ioctl(). It can allow attackers to corrupt kernel heaps (kmalloc-8k to be specific) and adopt further exploitations.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1969475]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4140 https://access.redhat.com/errata/RHSA-2021:4140
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4356 https://access.redhat.com/errata/RHSA-2021:4356
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3573
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:0620 https://access.redhat.com/errata/RHSA-2022:0620
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:0622 https://access.redhat.com/errata/RHSA-2022:0622