In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196046570References: Upstream kernel References: https://source.android.com/security/bulletin/2021-12-01 Upstream patches: https://android.googlesource.com/kernel/common/+/e113eb454e92 https://android.googlesource.com/kernel/common/+/60a4c35570d9 https://android.googlesource.com/kernel/common/+/4b05a506bda0
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2033724]
xt_quota2.c is an android implementatation, not in the upstream kernel tree. This code does not appear in the Fedora kernel at all.