[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1805750602.17169248.1554292012603.JavaMail.zimbra@redhat.com>
Date: Wed, 3 Apr 2019 07:46:52 -0400 (EDT)
From: Vladis Dronov <vdronov@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2019-3882: Linux kernel: DoS through vfio/type1 DMA mappings
Heololo,
A flaw was found in the Linux kernel's vfio interface implementation that permits
violation of the user's locked memory limit. If a device is bound to a vfio driver,
such as vfio-pci, and the local attacker is administratively granted ownership of
the device, it may cause a system memory exhaustion and thus a denial of service (DoS).
CVE-2019-3882 was allocated for this flaw.
References:
https://lore.kernel.org/lkml/155414977872.12780.13728555131525362206.stgit@gimli.home/T/#u
https://bugzilla.redhat.com/show_bug.cgi?id=1689426
Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security | Senior Software Engineer
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
