Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel 输入验证错误漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.13.9及之前版本的drivers/vhost/net.c文件中的‘handle_rx and get_rx_bufs’函数存在安全漏洞,该漏洞源于当禁用合并的缓冲区时,程序没有正确验证数据包长度。虚拟机端攻击者可借助特制的数据包利用该漏洞造成拒绝服务(内存损坏和主机操作系统崩溃)或获取主机操作系统权限。
CVSS Information
N/A
Vulnerability Type
N/A