Issue metadata
Sign in to add a comment
|
CVE-2017-15128 CrOS: Vulnerability reported in Linux kernel |
||||||||||||||||||||||
Issue descriptionVOMIT (go/vomit) has received an external vulnerability report for the Linux kernel. Advisory: CVE-2017-15128 Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2017-15128 CVSS severity score: 4.9/10.0 Description: A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG). This bug was filed by http://go/vomit Please contact us at vomit-team@google.com if you need any assistance.
,
Feb 2 2018
|
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by groeck@chromium.org
, Feb 2 2018Labels: Security_Severity-Medium Security_Impact-None Pri-3
Owner: groeck@chromium.org
Status: WontFix (was: Untriaged)
Upstream 1e392147135424 ("userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size"). v4.14 and thus chromeos-4.14 is not affected. The affected function does not exist in v4.4; chromeos-4.4 and older are thus not affected either.