CVE-2018-5332

CVE: CVE-2018-5332
Published: 2018-01-11T07:29Z
Vendor: linux
Products: linux_kernel
Versions: 4.14.13,
Description Language: en
Description: In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c095508770aebf1b9218e77026e48345d719b17c
http://www.securityfocus.com/bid/102507
https://github.com/torvalds/linux/commit/c095508770aebf1b9218e77026e48345d719b17c