Array Index Error in tcm_vhost_make_tpg Function in Linux Kernel

Array Index Error in tcm_vhost_make_tpg Function in Linux Kernel

CVE-2015-4036 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function was renamed to vhost_scsi_make_tpg before the vulnerability was announced.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.