In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client.
References
Link | Resource |
---|---|
http://lustre.org/ | Product Vendor Advisory |
http://wiki.lustre.org/Lustre_2.12.3_Changelog | Release Notes Vendor Advisory |
https://jira.whamcloud.com/browse/LU-12602 | Exploit Third Party Advisory |
https://review.whamcloud.com/#/c/36208/ | Third Party Advisory |
http://lustre.org/ | Product Vendor Advisory |
http://wiki.lustre.org/Lustre_2.12.3_Changelog | Release Notes Vendor Advisory |
https://jira.whamcloud.com/browse/LU-12602 | Exploit Third Party Advisory |
https://review.whamcloud.com/#/c/36208/ | Third Party Advisory |
Configurations
History
21 Nov 2024, 04:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://lustre.org/ - Product, Vendor Advisory | |
References | () http://wiki.lustre.org/Lustre_2.12.3_Changelog - Release Notes, Vendor Advisory | |
References | () https://jira.whamcloud.com/browse/LU-12602 - Exploit, Third Party Advisory | |
References | () https://review.whamcloud.com/#/c/36208/ - Third Party Advisory |
Information
Published : 2020-01-27 05:15
Updated : 2024-11-21 04:38
NVD link : CVE-2019-20430
Mitre link : CVE-2019-20430
CVE.ORG link : CVE-2019-20430
JSON object : View
Products Affected
lustre
- lustre