A race condition was discovered in the Android binder driver, that could lead to incorrect security checks. On systems where the binder driver is loaded, a local user could exploit this for privilege escalation.
References and upstream patches:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2063220]
This was fixed for Fedora with the 5.14.18 stable kernel updates.
There was no source built with CONFIG_ANDROID_BINDER_IPC option in any of the shipped RHEL kernel versions.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):