Recently, the Linux kernel was exposed to a memory corruption vulnerability (CVE-2018-8822). The vulnerability is due to incorrect buffer length handling was found in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel, which could be exploited by malicious NCPFS servers to crash the kernel or possibly execute an arbitrary code within the context of the affected device. Failed exploit attempts may result in a denial-of-service condition.
Affected Versions
- All Linux
Solution
A suggested fix:
Source: SecurityFocus, redhat
