Описание
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
Отчет
This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not provide support for MPT (Message Passing Technology) based controllers. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0833.html, and https://rhn.redhat.com/errata/RHSA-2011-0542.html, and https://rhn.redhat.com/errata/RHSA-2011-1253.html.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | kernel | Not affected | ||
| Red Hat Enterprise MRG 1 | realtime-kernel | Affected | ||
| Red Hat Enterprise Linux 5 | kernel | Fixed | RHSA-2011:0833 | 31.05.2011 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2011:0542 | 19.05.2011 |
| Red Hat Enterprise Linux 6.0 EUS - Server Only | kernel | Fixed | RHSA-2011:0883 | 21.06.2011 |
| Red Hat Enterprise MRG 2 | kernel-rt | Fixed | RHSA-2011:1253 | 12.09.2011 |
Показывать по
Дополнительная информация
Статус:
7.2 High
CVSS2
Связанные уязвимости
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earl ...
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
ELSA-2011-2016: Unbreakable Enterprise kernel security fix update (IMPORTANT)
7.2 High
CVSS2