In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel function mishandles a large lock_count parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-27T04:20:43
Updated: 2024-08-05T02:39:09.987Z
Reserved: 2020-01-27T00:00:00
Link: CVE-2019-20428
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-01-27T05:15:12.187
Modified: 2020-01-29T19:19:04.300
Link: CVE-2019-20428
Redhat
No data.