CVE-2021-3743

kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c

Severity Score

7.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.

Se ha encontrado un defecto de lectura de memoria fuera de límites (OOB) en el protocolo de router Qualcomm IPC en el kernel de Linux. Una falta de comprobación de saneo permite a un atacante local conseguir acceso de memoria fuera de límites, conllevando a un bloqueo del sistema o un filtrado de información interna del kernel. La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-08-27 CVE Reserved
2021-09-28 CVE Published
2023-03-08 EPSS Updated
2024-08-03 CVE Updated
2024-08-03 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-125: Out-of-bounds Read

CAPEC

References (9)

URL	Tag	Source
https://security.netapp.com/advisory/ntap-20220407-0007	Third Party Advisory

URL	Date	SRC
https://lists.openwall.net/netdev/2021/08/17/124	2024-08-03
https://www.openwall.com/lists/oss-security/2021/08/27/2	2024-08-03

URL	Date	SRC
https://bugzilla.redhat.com/show_bug.cgi?id=1997961	2022-05-10
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb	2023-11-09
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117	2023-11-09
https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117	2023-11-09
https://www.oracle.com/security-alerts/cpujul2022.html	2023-11-09

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2021-3743	2022-05-10

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Netapp Search vendor "Netapp"	H300s Firmware Search vendor "Netapp" for product "H300s Firmware"	-	-	Affected	in	Netapp Search vendor "Netapp"	H300s Search vendor "Netapp" for product "H300s"	-	-	Safe
Netapp Search vendor "Netapp"	H500s Firmware Search vendor "Netapp" for product "H500s Firmware"	-	-	Affected	in	Netapp Search vendor "Netapp"	H500s Search vendor "Netapp" for product "H500s"	-	-	Safe
Netapp Search vendor "Netapp"	H700s Firmware Search vendor "Netapp" for product "H700s Firmware"	-	-	Affected	in	Netapp Search vendor "Netapp"	H700s Search vendor "Netapp" for product "H700s"	-	-	Safe
Netapp Search vendor "Netapp"	H300e Firmware Search vendor "Netapp" for product "H300e Firmware"	-	-	Affected	in	Netapp Search vendor "Netapp"	H300e Search vendor "Netapp" for product "H300e"	-	-	Safe
Netapp Search vendor "Netapp"	H500e Firmware Search vendor "Netapp" for product "H500e Firmware"	-	-	Affected	in	Netapp Search vendor "Netapp"	H500e Search vendor "Netapp" for product "H500e"	-	-	Safe
Netapp Search vendor "Netapp"	H700e Firmware Search vendor "Netapp" for product "H700e Firmware"	-	-	Affected	in	Netapp Search vendor "Netapp"	H700e Search vendor "Netapp" for product "H700e"	-	-	Safe
Netapp Search vendor "Netapp"	H410s Firmware Search vendor "Netapp" for product "H410s Firmware"	-	-	Affected	in	Netapp Search vendor "Netapp"	H410s Search vendor "Netapp" for product "H410s"	-	-	Safe
Netapp Search vendor "Netapp"	H410c Firmware Search vendor "Netapp" for product "H410c Firmware"	-	-	Affected	in	Netapp Search vendor "Netapp"	H410c Search vendor "Netapp" for product "H410c"	-	-	Safe
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				> 5.14.1 < 5.17 Search vendor "Linux" for product "Linux Kernel" and version " > 5.14.1 < 5.17"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.14 Search vendor "Linux" for product "Linux Kernel" and version "5.14"		rc6		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17"		rc1		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17"		rc2		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17"		rc3		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17"		rc4		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17"		rc5		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.17 Search vendor "Linux" for product "Linux Kernel" and version "5.17"		rc6		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				34 Search vendor "Fedoraproject" for product "Fedora" and version "34"		-		Affected
Oracle Search vendor "Oracle"		Communications Cloud Native Core Binding Support Function Search vendor "Oracle" for product "Communications Cloud Native Core Binding Support Function"				22.1.3 Search vendor "Oracle" for product "Communications Cloud Native Core Binding Support Function" and version "22.1.3"		-		Affected
Oracle Search vendor "Oracle"		Communications Cloud Native Core Network Exposure Function Search vendor "Oracle" for product "Communications Cloud Native Core Network Exposure Function"				22.1.1 Search vendor "Oracle" for product "Communications Cloud Native Core Network Exposure Function" and version "22.1.1"		-		Affected
Oracle Search vendor "Oracle"		Communications Cloud Native Core Policy Search vendor "Oracle" for product "Communications Cloud Native Core Policy"				22.2.0 Search vendor "Oracle" for product "Communications Cloud Native Core Policy" and version "22.2.0"		-		Affected