CVE-2021-3655 log

Source
Severity Medium
Remote Yes
Type Information disclosure
Description
A vulnerability was found in the Linux kernel. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.
Group Package Affected Fixed Severity Status Ticket
AVG-2229 linux-lts 5.10.50-1 5.10.51-1 Medium Fixed
AVG-2228 linux-hardened 5.12.17.hardened1-1 5.12.18.hardened1-1 Medium Fixed
AVG-2182 linux-zen 5.13.1.zen1-1 5.13.4.zen1-1 High Fixed
AVG-2181 linux 5.13.1.arch1-1 5.13.4.arch1-1 High Fixed
Date Advisory Group Package Severity Type
21 Jul 2021 ASA-202107-49 AVG-2182 linux-zen High privilege escalation
21 Jul 2021 ASA-202107-48 AVG-2181 linux High privilege escalation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1984024
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=0c5dc070ff3d6246d22ddd931f23a6266249e3db
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=50619dbf8db77e98d821d615af4f634d08e22698
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b6ffe7671b24689c09faa5675dd58f93758a97ae
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=ef6c8d6ccf0c1dccdda092ebe8782777cd7803c9
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.13.3&id=4ecabee69d190f2bd9bdc5140109a27231428413
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.13.3&id=92b74375a1bbf5f7f64f4ea98064a5ba62956bcc
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.18&id=d91adac26d5ebac78c731b3aa23ff2c210ce2a0d
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.18&id=603f0eedf3b17df9e424c01bae25b94ae1091279
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.51&id=d4dbef7046e24669278eba4455e9e8053ead6ba0
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.51&id=6ef81a5c0e22233e13c748e813c54d3bf0145782