AZL-34880 CVE-2024-23851 affecting package kernel for versions less than 6.6.35.1-4

copyparams in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INTMAX bytes, and crash, because of a missing paramkernel-datasize check. This is related to ctlioctl...

PT-2019-4979 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.1.5 Description: An issue was discovered in the MPT3COMMAND case in ctl ioctl main in drivers/scsi/mpt3sas/mpt3sas ctl.c. It allows local users to cause a denial of service or possibly have unspecified other...