There are null pointer dereference and use-after-free vulnerabilities in net/ax25/ax25_timer.c of linux that allow attacker to crash linux kernel by simulating Amateur Radio from user-space. Upstream fix: https://github.com/torvalds/linux/commit/fc6d01ff9ef03b66d4a3a23b46fc3c3d8cf92009 https://github.com/torvalds/linux/commit/82e31755e55fbcea6a9dfaae5fe4860ade17cbc0
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2071054]
https://www.openwall.com/lists/oss-security/2022/04/02/4
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-1205