CVE-2018-8822: Linux Kernel Memory Corruption Vulnerability

by do son · Published March 23, 2018 · Updated April 2, 2023

Recently, the Linux kernel was exposed to a memory corruption vulnerability (CVE-2018-8822). The vulnerability is due to incorrect buffer length handling was found in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel, which could be exploited by malicious NCPFS servers to crash the kernel or possibly execute an arbitrary code within the context of the affected device. Failed exploit attempts may result in a denial-of-service condition.

Affected Versions

All Linux

Solution

A suggested fix:

https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git/commit/?id=4c41aa24baa4ed338241d05494f2c595c885af8f

Source: SecurityFocus, redhat

CVE-2018-8822: Linux Kernel Memory Corruption Vulnerability

Search

Brilliantly

Content & Links