A possible kernel memory information disclosure was discovered in drivers/usb/gadget/function/rndis.c. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2059924]
This was fixed for Fedora with the 5.16.10 stable kernel updates.