Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel 输入验证错误漏洞
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 2.6.38以及之前版本存在输入验证错误漏洞,该漏洞源于在执行内存复制操作之前没有验证length 和offset值。本地用户可以借助与_ctl_do_mpt_command和_ctl_diag_read_buffer函数有关的ioctl调用获取特权,导致拒绝服务(内存破坏)或者从内核内存中获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A