2 matches found
kernel: xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write which could result in crash and data coruption
An out-of-bounds OOB memory access flaw was found in the Network XDP the eXpress Data Path module in the Linux kernel's xdpumemreg function in net/xdp/xdpumem.c. When a user with special user privilege of CAPNETADMIN or root calls setsockopt to register umem ring on XDP socket, passing the headro...
CVE-2020-12659
Concrete details found: CVE-2020-12659 affects the Linux kernel before 5.6.7. The vulnerability is an out-of-bounds write in xdp_umem_reg() of net/xdp/xdp_umem.c, exploitable by a user with CAP_NET_ADMIN due to missing headroom validation. Impact described across connected docs includes potential...