Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:NFS: fs_context: validate UDP retrans to prevent shift out-of-boundsFix shift out-of-bounds in xprt_calc_majortimeo(). This is causedby a garbage timeout (retrans) mount option being passed to nfs mount,in this case from syzkaller.If the protocol is XPRT_TRANSPORT_UDP, then 'retrans' is a shiftvalue for a 64-bit long integer, so 'retrans' cannot be >= 64.If it is >= 64, fail the mount and return an error.
- https://git.kernel.org/stable/c/96fa26b74cdcf9f5c98996bf36bec9fb5b19ffe2
No PoCs found on GitHub currently.