kernel is vulnerable to information disclosure. The vulnerability exists in create_pinctrl
of core.c
, through an out of bounds read due to a use after free.
lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html
lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html
packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html
access.redhat.com/errata/RHSA-2021:0857
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1919893
lists.debian.org/debian-lts-announce/2020/12/msg00027.html
source.android.com/security/bulletin/pixel/2020-09-01