Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function was renamed to vhost_scsi_make_tpg before the vulnerability was announced.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel‘vhost_scsi_make_tpg()’数组索引错误漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 4.0之前版本的drivers/vhost/scsi.c脚本中的‘tcm_vhost_make_tpg’函数存在数组索引错误漏洞。虚拟机端攻击者可借助VHOST_SCSI_SET_ENDPOINT ioctl调用利用该漏洞造成拒绝服务(内存损坏)。
CVSS Information
N/A
Vulnerability Type
N/A