3 matches found
CVE-2019-20427
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...
CVE-2019-20427
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...
CVE-2019-20427
CVE-2019-20427 affects Lustre before version 2.12.3, where the ptlrpc module may overflow buffers and panic, with potential remote code execution due to insufficient validation of certain client packet fields. The root cause is described as an integer signedness error arising from the interaction...