发布时间: 2024年6月21日
修改时间: 2024年10月31日
In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all the places doing math on user controlled buffers.
NVD | openEuler | |
---|---|---|
Confidentiality | High | High |
Attack Vector | Local | Local |
CVSS评分 | 7.8 | 6.7 |
Attack Complexity | Low | Low |
Privileges Required | Low | High |
Scope | Unchanged | Unchanged |
Integrity | High | High |
User Interaction | None | None |
Availability | High | High |
公告名 | 概要 | 发布时间 |
---|---|---|
KylinSec-SA-2024-4715 | In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all the places doing math on user controlled buffers. | 2025年2月6日 |
产品 | 包 | 状态 |
---|---|---|
KY3.4-5 | kernel | Fixed |