In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpc_svc_unwrap_request and lustre_msg_hdr_size_v2.
References
Link | Resource |
---|---|
http://lustre.org/ | Product Vendor Advisory |
http://wiki.lustre.org/Lustre_2.12.3_Changelog | Release Notes Vendor Advisory |
https://review.whamcloud.com/#/c/36119/ | Third Party Advisory |
https://jira.whamcloud.com/browse/LU-12590 | Exploit Third Party Advisory |
Configurations
Information
Published : 2020-01-26 21:15
Updated : 2020-01-29 11:44
NVD link : CVE-2019-20429
Mitre link : CVE-2019-20429
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
lustre
- lustre