{"id":"CVE-2018-5332","details":"In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).","modified":"2026-03-15T22:26:17.428338Z","published":"2018-01-11T07:29:00.217Z","related":["SUSE-SU-2018:0383-1","SUSE-SU-2018:0416-1","SUSE-SU-2018:0482-1","SUSE-SU-2018:0555-1","SUSE-SU-2018:0660-1","SUSE-SU-2018:0834-1","SUSE-SU-2018:0841-1","SUSE-SU-2018:0848-1","SUSE-SU-2018:0986-1","openSUSE-SU-2024:10728-1","openSUSE-SU-2024:13704-1"],"references":[{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4187"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3632-1/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0470"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3617-3/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3619-2/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/102507"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3620-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3620-2/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3617-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3617-2/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3619-1/"},{"type":"FIX","url":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c095508770aebf1b9218e77026e48345d719b17c"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=60daca9efbb3e4109ebc1f7069543e5573fc124e"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/c095508770aebf1b9218e77026e48345d719b17c"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"3.2.99"}]},{"events":[{"introduced":"3.3"},{"fixed":"3.16.54"}]},{"events":[{"introduced":"3.17"},{"fixed":"3.18.92"}]},{"events":[{"introduced":"3.19"},{"fixed":"4.1.50"}]},{"events":[{"introduced":"4.2"},{"fixed":"4.4.112"}]},{"events":[{"introduced":"4.5"},{"fixed":"4.9.77"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.44"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.04"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"17.10"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5332.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}