Integer Overflow in alarm_timer_nsleep function in Linux Kernel

Integer Overflow in alarm_timer_nsleep function in Linux Kernel

CVE-2018-13053 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.