CVE-2021-3743

An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.14:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 11 (hide)

OR cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

History

09 Nov 2023, 14:44

Type Values Removed Values Added
CPE cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
First Time Netapp h700e Firmware
Netapp h500s Firmware
Netapp h500e
Netapp h410c
Netapp h700s Firmware
Netapp h300e
Netapp h300s Firmware
Netapp h500s
Netapp h300e Firmware
Netapp h700s
Netapp h410s
Netapp h410c Firmware
Netapp h500e Firmware
Netapp h700e
Netapp h300s
Netapp h410s Firmware

24 Feb 2023, 15:14

Type Values Removed Values Added
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory
CPE cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
First Time Oracle communications Cloud Native Core Policy
Oracle communications Cloud Native Core Binding Support Function
Oracle
Oracle communications Cloud Native Core Network Exposure Function

12 Feb 2023, 23:42

Type Values Removed Values Added
References
  • {'url': 'https://access.redhat.com/errata/RHSA-2022:1975', 'name': 'https://access.redhat.com/errata/RHSA-2022:1975', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2022:1988', 'name': 'https://access.redhat.com/errata/RHSA-2022:1988', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2021-3743', 'name': 'https://access.redhat.com/security/cve/CVE-2021-3743', 'tags': [], 'refsource': 'MISC'}

02 Feb 2023, 21:21

Type Values Removed Values Added
References
  • (MISC) https://access.redhat.com/errata/RHSA-2022:1975 -
  • (MISC) https://access.redhat.com/errata/RHSA-2022:1988 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2021-3743 -

25 Jul 2022, 18:16

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

01 Jun 2022, 20:30

Type Values Removed Values Added
First Time Netapp baseboard Management Controller H410s Firmware
Netapp baseboard Management Controller H500e Firmware
Netapp baseboard Management Controller H300s
Netapp baseboard Management Controller H700s
Netapp baseboard Management Controller H700s Firmware
Netapp baseboard Management Controller H700e
Netapp
Netapp baseboard Management Controller H410c Firmware
Netapp baseboard Management Controller H500s Firmware
Netapp baseboard Management Controller H410c
Netapp baseboard Management Controller H300s Firmware
Netapp baseboard Management Controller H700e Firmware
Netapp baseboard Management Controller H410s
Netapp baseboard Management Controller H500s
Netapp baseboard Management Controller H300e Firmware
Netapp baseboard Management Controller H500e
Netapp baseboard Management Controller H300e
CPE cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:*:*:*:*:*:*:*
References (CONFIRM) https://security.netapp.com/advisory/ntap-20220407-0007/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20220407-0007/ - Third Party Advisory

08 Apr 2022, 00:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20220407-0007/ -

11 Mar 2022, 15:24

Type Values Removed Values Added
CWE CWE-125
First Time Linux linux Kernel
Fedoraproject fedora
Linux
Fedoraproject
CVSS v2 : unknown
v3 : unknown
v2 : 3.6
v3 : 7.1
CPE cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.14:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*
References (MISC) https://www.openwall.com/lists/oss-security/2021/08/27/2 - (MISC) https://www.openwall.com/lists/oss-security/2021/08/27/2 - Exploit, Mailing List, Patch, Third Party Advisory
References (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb - (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb - Patch, Vendor Advisory
References (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117 - (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117 - Patch, Vendor Advisory
References (MISC) https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117 - (MISC) https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117 - Patch, Third Party Advisory
References (MISC) https://lists.openwall.net/netdev/2021/08/17/124 - (MISC) https://lists.openwall.net/netdev/2021/08/17/124 - Exploit, Mailing List, Third Party Advisory
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1997961 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1997961 - Issue Tracking, Patch, Third Party Advisory

04 Mar 2022, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-03-04 16:15

Updated : 2023-12-10 14:22


NVD link : CVE-2021-3743

Mitre link : CVE-2021-3743

CVE.ORG link : CVE-2021-3743


JSON object : View

Products Affected

netapp

  • h700s_firmware
  • h410s
  • h500e_firmware
  • h500e
  • h700e_firmware
  • h300s
  • h700s
  • h300e
  • h700e
  • h410s_firmware
  • h500s
  • h300s_firmware
  • h410c
  • h500s_firmware
  • h300e_firmware
  • h410c_firmware

oracle

  • communications_cloud_native_core_policy
  • communications_cloud_native_core_binding_support_function
  • communications_cloud_native_core_network_exposure_function

fedoraproject

  • fedora

linux

  • linux_kernel
CWE
CWE-125

Out-of-bounds Read