CVE-2018-5332

Published: Jan 11, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c095508770aebf1b9218e77026e48345d719b17c

x_refsource_CONFIRM

DSA-4187

vendor-advisory

x_refsource_DEBIAN

https://github.com/torvalds/linux/commit/c095508770aebf1b9218e77026e48345d719b17c

x_refsource_CONFIRM

USN-3617-1

vendor-advisory

x_refsource_UBUNTU

USN-3619-2

vendor-advisory

x_refsource_UBUNTU

USN-3617-3

vendor-advisory

x_refsource_UBUNTU

USN-3632-1

vendor-advisory

x_refsource_UBUNTU

USN-3620-2

vendor-advisory

x_refsource_UBUNTU

102507

vdb-entry

x_refsource_BID

RHSA-2018:0470

vendor-advisory

x_refsource_REDHAT

[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update

mailing-list

x_refsource_MLIST

USN-3617-2

vendor-advisory

x_refsource_UBUNTU

USN-3620-1

vendor-advisory

x_refsource_UBUNTU

USN-3619-1

vendor-advisory

x_refsource_UBUNTU

https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=60daca9efbb3e4109ebc1f7069543e5573fc124e

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-5332

Description

Affected Products

References