In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client.
References
Link | Resource |
---|---|
http://lustre.org/ | Product Vendor Advisory |
http://wiki.lustre.org/Lustre_2.12.3_Changelog | Release Notes Vendor Advisory |
https://jira.whamcloud.com/browse/LU-12602 | Exploit Third Party Advisory |
https://review.whamcloud.com/#/c/36208/ | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-01-27 05:15
Updated : 2024-02-04 20:39
NVD link : CVE-2019-20430
Mitre link : CVE-2019-20430
CVE.ORG link : CVE-2019-20430
JSON object : View
Products Affected
lustre
- lustre