CVE-2021-3743 — Out-of-bounds Read in Kernel
Severity
7.1HIGHNVD
OSV7.8OSV6.5
EPSS
0.0%
top 98.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 4
Latest updateFeb 14
Description
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2
Affected Packages10 packages
Also affects: Fedora 34
Patches
🔴Vulnerability Details
9GHSA▶
GHSA-5g47-45xh-p83v: An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel↗2022-03-05
CVEList▶
CVE-2021-3743: An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel↗2022-03-04
OSV▶
CVE-2021-3743: An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel↗2022-03-04
OSV▶
linux-bluefield, linux-gke-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities↗2021-11-11
OSV▶
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities↗2021-11-09
📋Vendor Advisories
10Microsoft▶
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory leading↗2022-03-08