Bug 1738711 (CVE-2018-20854)
Summary: | CVE-2018-20854 kernel: Out-of-bounds read in drivers/phy/mscc/phy-ocelot-serdes.c | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, airlied, bhu, blc, brdeoliv, bskeggs, dhoward, dvlasenk, esammons, fhrbata, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, jlelli, john.j5live, jonathan, josef, jross, jshortt, jstancek, jwboyer, kernel-maint, kernel-mgr, labbott, lgoncalv, linville, matt, mchehab, mcressma, mjg59, mlangsdo, nmurray, plougher, rt-maint, rvrbovsk, steved, williams, wmealing |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A flaw was found in the Linux kernel’s implementation of ocelot-serdes hardware. An incorrect limits calculation allowed an off-by-one calculation, which could read out of bounds data and panic the system. If the data was not out of bounds, the following code could then write data into the out of bounds area, corrupting memory or other possible consequences.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-11-21 07:04:49 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1738712 | ||
Bug Blocks: | 1738713 |
Description
Pedro Sampaio
2019-08-07 22:26:41 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1738712] This was fixed in Fedora with the 4.20 stable kernel update. Mitigation: There is no requirement for mitigation at this time as this flaw does not affect shipping releases of Red Hat Enterprise Linux This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-20854 |