In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
24 Feb 2023, 18:43
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=60daca9efbb3e4109ebc1f7069543e5573fc124e - Mailing List, Patch, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/102507 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2018-01-11 07:29
Updated : 2024-02-04 19:29
NVD link : CVE-2018-5332
Mitre link : CVE-2018-5332
CVE.ORG link : CVE-2018-5332
JSON object : View
Products Affected
canonical
- ubuntu_linux
debian
- debian_linux
linux
- linux_kernel
CWE
CWE-787
Out-of-bounds Write