Severity: Unknown
Affected Package: kernel
Summary: Heap overflow in mpr/mps/mpt CFG_PAGE ioctl handlers
Handlers for the *_CFG_PAGE read/write ioctls in the mpr, mps and mpt disk-controller drivers allocated a buffer of a caller-specified size but copied a fixed-size header into it. If the specified size was too small, other heap contents would be overwritten, which a privileged user could leverage to corrupt kernel memory.
No specific recommendations provided.
Aliases: CVE-2022-23086
Published: April 06, 2022
Last Modified: April 06, 2022