In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network messages. When it exceeds DLM_RESNAME_MAXLEN, it can cause out-of-bounds write in dlm_search_rsb_tree(). Add length validation to prevent potential buffer overflow.
The dlm_dump_rsb_name() function accepts a 'len' parameter without validating its value, with the parameter originating directly from network messages. When the 'len' value exceeds the DLM_RESNAME_MAXLEN constant, calling dlm_search_rsb_tree() leads to an out-of-bounds write in memory (CWE-787 — buffer overflow). The patch introduces length validation before data processing, eliminating the possibility of exceeding the permissible range.
A remote attacker, without authentication, can cause kernel memory corruption, which may result in system compromise (RCE), privilege escalation, or system crash (Denial of Service).
Apply patches available from the vendor according to references — fixes have been published in the kernel.org repository (including commits: 080e5563f878, 082083c9fbd9, 5f053a2e7209, 67288113c5e6). It is recommended to update the kernel to a version containing the aforementioned changes and to restrict DLM service exposure to untrusted networks.
Linux kernel — versions indicated in vendor references (commits available in kernel.org repository).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLinux Kernel
OSLinux3.4 – 6.12.75 (bez)6.13 – 6.18.16 (bez)6.19 – 6.19.6 (bez)
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a...