An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol qrtr_endpoint_post in the Linux kernel. A missing sanity check may allow a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. References: https://lists.openwall.net/netdev/2021/08/17/124 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1997962]
This is fixed for Fedora with the 5.13.14 stable kernel updates.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1975 https://access.redhat.com/errata/RHSA-2022:1975
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1988 https://access.redhat.com/errata/RHSA-2022:1988
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3743