4 matches found
CVE-2017-14991
Consolidated details from connected advisories show CVE-2017-14991 affects the Linux kernel sg_ioctl path (drivers/scsi/sg.c) with vulnerable code in sg_get_request_table handling for /dev/sg0. The flaw exists in kernels before 4.13.4, allowing local attackers to read uninitialized kernel heap me...
BSA-2017-304
Security Advisory ID : BSA-2017-304 Component : Linux Kernel Revision : 1.0: Interim The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNELDS option is set, which allows local users to read or write to arbitrary kernel memo...
CVE-2016-10088
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNELDS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a...
Null pointer dereference
The sgbuildindirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service kernel OOPS and NULL pointer dereference, as demonstrated by using xcdroast to duplicate a CD...