This CVE is being DISPUTED (*) by Red Hat with a note that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.
Reference and upstream patch:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1991723]
This was fixed for Fedora with the 5.13.4 stable kernel updates.