CVE-2021-3743

An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.

Published: Mar 4, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-3743
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:P/I:N/A:P

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	5.14-rc6	5.14-rc6.x
linux / linux_kernel	5.17-rc5	5.17-rc5.x
linux / linux_kernel	5.17-rc4	5.17-rc4.x
linux / linux_kernel	5.17-rc1	5.17-rc1.x
linux / linux_kernel	5.17-rc2	5.17-rc2.x
linux / linux_kernel	5.17-rc3	5.17-rc3.x
linux / linux_kernel	5.17	5.17.x
linux / linux_kernel	5.17-rc6	5.17-rc6.x
linux / linux_kernel	5.14.1.x	5.17
fedoraproject / fedora	34	34.x
oracle / communications_cloud_native_core_binding_support_function	22.1.3	22.1.3.x
oracle / communications_cloud_native_core_policy	22.2.0	22.2.0.x
oracle / communications_cloud_native_core_network_exposure_function	22.1.1	22.1.1.x

Vulnerability Database

289,599

CVE-2021-3743