{"id":"CVE-2021-3743","details":"An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.","aliases":["A-224080927","PUB-A-224080927"],"modified":"2026-04-16T04:30:59.099486514Z","published":"2022-03-04T16:15:08.547Z","related":["ALSA-2022:1988","SUSE-SU-2021:3177-1","SUSE-SU-2021:3178-1","SUSE-SU-2021:3179-1","SUSE-SU-2021:3205-1","SUSE-SU-2021:3205-2","SUSE-SU-2021:3207-1","SUSE-SU-2021:3415-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2185-1","SUSE-SU-2025:01995-1","openSUSE-SU-2021:1271-1","openSUSE-SU-2021:3179-1","openSUSE-SU-2021:3205-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220407-0007/"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117"},{"type":"FIX","url":"https://www.openwall.com/lists/oss-security/2021/08/27/2"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1997961"},{"type":"EVIDENCE","url":"https://lists.openwall.net/netdev/2021/08/17/124"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git","events":[{"introduced":"0"},{"fixed":"7e78c597c3ebfd0cb329aa09a838734147e4f117"}]},{"type":"GIT","repo":"https://github.com/torvalds/linux","events":[{"introduced":"0"},{"fixed":"f443e374ae131c168a065ea1748feac6b2e76613"},{"introduced":"0"},{"last_affected":"7c60610d476766e128cc4284bb6349732cbd6606"},{"introduced":"0"},{"last_affected":"f443e374ae131c168a065ea1748feac6b2e76613"},{"introduced":"0"},{"last_affected":"e783362eb54cd99b2cac8b3a9aeac942e6f6ac07"},{"introduced":"0"},{"last_affected":"26291c54e111ff6ba87a164d85d4a4e134b7315c"},{"introduced":"0"},{"last_affected":"dfd42facf1e4ada021b939b4e19c935dcdd55566"},{"introduced":"0"},{"last_affected":"754e0b0e35608ed5206d6a67a791563c631cec07"},{"introduced":"0"},{"last_affected":"cfb92440ee71adcc2105b0890bb01ac3cddb8507"},{"introduced":"0"},{"last_affected":"7e57714cd0ad2d5bb90e50b5096a0e671dec1ef3"},{"fixed":"7e78c597c3ebfd0cb329aa09a838734147e4f117"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.17"},{"introduced":"0"},{"last_affected":"5.14-rc6"},{"introduced":"0"},{"last_affected":"5.17-NA"},{"introduced":"0"},{"last_affected":"5.17-rc1"},{"introduced":"0"},{"last_affected":"5.17-rc2"},{"introduced":"0"},{"last_affected":"5.17-rc3"},{"introduced":"0"},{"last_affected":"5.17-rc4"},{"introduced":"0"},{"last_affected":"5.17-rc5"},{"introduced":"0"},{"last_affected":"5.17-rc6"}]}}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.3"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"22.2.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3743.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}]}