Note:
This project will be discontinued after December 13, 2021. [more]
2018-04-16
The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.
Products | Ubuntu_linux, Debian_linux, Linux_kernel |
Type | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) |
First patch |
https://github.com/torvalds/linux/commit/4ea77014af0d6205b05503d1c7aac6eace11d473 |
Relevant file/s | ./kernel/signal.c (modified, +4) |
Links |
• http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ea77014af0d6205b05503d1c7aac6eace11d473
• https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html • https://news.ycombinator.com/item?id=2972021 • http://www.securitytracker.com/id/1040684 • https://usn.ubuntu.com/3696-2/ |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: