kernel-rt is vulnerable to denial of service (DoS) attacks. A flaw out of bounds memory access in the Linux kernel bluetooth subsystem was found in the way when some data being read about the bluetooth device with the hci_extended_inquiry_result_evt call. A local user could use this flaw to crash the system or read some data out of memory bounds that can lead to data confidentiality threat.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
access.redhat.com/errata/RHSA-2021:4356
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1969489
cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.1
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51c19bf3d5cfaa66571e4b88ba2a6f6295311101
sites.google.com/view/syzscope/kasan-slab-out-of-bounds-read-in-hci_extended_inquiry_result_evt
syzkaller.appspot.com/bug?id=4bf11aa05c4ca51ce0df86e500fce486552dc8d2
syzkaller.appspot.com/text?tag=ReproC&x=15ca2f46900000