copy_params in drivers/md/dm-ioctl.c in the Linux kernel...
Moderate severity
Unreviewed
Published
Jan 23, 2024
to the GitHub Advisory Database
•
Updated Jun 27, 2024
Description
Published by the National Vulnerability Database
Jan 23, 2024
Published to the GitHub Advisory Database
Jan 23, 2024
Last updated
Jun 27, 2024
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl.
References