Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
Linux kernel 缓冲区错误漏洞
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于LightNVM 子系统中发现了基于堆的缓冲区溢出,将用户提供的数据复制到固定长度的基于堆的缓冲区之前缺乏对长度的正确验证,攻击者利用该漏洞可以提升权限并在内核上下文中执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A