An out-of-bounds (OOB) memory access flaw was found in net/core/filter.c in __bpf_skb_max_len in the Linux kernel. A missing sanity check to the current MTU check may allow a local attacker with special user privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. References: https://source.android.com/security/bulletin/pixel/2021-10-01 https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2018206]
This was fixed for Fedora with the 5.11.12 stable kernel updates.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1975 https://access.redhat.com/errata/RHSA-2022:1975
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1988 https://access.redhat.com/errata/RHSA-2022:1988
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-0941