Description: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c References: https://bugzilla.redhat.com/show_bug.cgi?id=1997961 https://lists.openwall.net/netdev/2021/08/17/124 Notes: bwh> Introduced in 4.15 by 194ccc88297a "net: qrtr: Support decoding bwh> incoming v2 packets" Bugs: upstream: released (5.14) [7e78c597c3ebfd0cb329aa09a838734147e4f117] 5.10-upstream-stable: released (5.10.62) [ad41706c771a038e9a334fa55216abd69b32bfdf] 4.19-upstream-stable: released (4.19.206) [ce7d8be2eaa4cab3032e256d154d1c33843d2367] 4.9-upstream-stable: N/A "Vulnerability introduced later" sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/net-qrtr-fix-another-OOB-Read-in-qrtr_endpoint_post.patch] 4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: N/A "Vulnerability introduced later"