A vulnerability has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the ISDN (for the ISDN over IP tunnel). The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. Reference: https://vuldb.com/?id.211088 Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=2568a7e0832ee30b0a351016d03062ab4e0e0a3f
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2150954]
While ISDN is disabled in Fedora kernels, a patch for this was included in 6.0.3 for users who might be building their own kernels.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6583 https://access.redhat.com/errata/RHSA-2023:6583