mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
856 B
856 B
CVE-2019-20425
Description
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustre_msg_string, there is no validation of a certain length value derived from lustre_msg_buflen_v2.
POC
Reference
- http://lustre.org/
- http://lustre.org/
- http://wiki.lustre.org/Lustre_2.12.3_Changelog
- http://wiki.lustre.org/Lustre_2.12.3_Changelog
Github
No PoCs found on GitHub currently.