In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References: Upstream kernel. References: https://source.android.com/security/bulletin/pixel/2021-10-01 https://android.googlesource.com/kernel/common/+/2f987a76a97773beafbc615b9c4d8fe79129a7f4
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2018226]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-0935
This was fixed for Fedora with the 4.15.15 stable update.