Linux Kernel get_vdev_port_node_info Denial of Service Vulnerability
A vulnerability in the Linux Kernel could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability exists in the get_vdev_port_node_info function, as defined in the arch/sparc/kernel/mdesc.c source code file of the affected software, and is due to an unchecked kstrdup_const of node_info->vdev_port.name. An attacker could exploit this vulnerability by sending a request that submits malicious input to the targeted system. An exploit could trigger a NULL pointer dereference condition that causes the system to crash, resulting in a DoS condition.
Kernel.org has confirmed the vulnerability and released software updates.
Security Impact Rating: High