Heap-based Out-of-Bounds Write Vulnerability in Linux Kernel through 3.2
CVE-2018-5332 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.