cpe:/o:canonical:ubuntu_linux:12.04::~~esm~~~ cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:17.10 cpe:/o:debian:debian_linux:7.0 cpe:/o:debian:debian_linux:8.0 cpe:/o:linux:linux_kernel:4.14.13 CVE-2018-5332 2018-01-11T02:29:00.217-05:00 2019-03-05T13:05:52.947-05:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2019-03-05T09:49:01.477-05:00 BID 102507 DEBIAN DSA-4187 REDHAT RHSA-2018:0470 UBUNTU USN-3617-1 UBUNTU USN-3617-2 UBUNTU USN-3617-3 UBUNTU USN-3619-1 UBUNTU USN-3619-2 UBUNTU USN-3620-1 UBUNTU USN-3620-2 UBUNTU USN-3632-1 MLIST [debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update CONFIRM http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c095508770aebf1b9218e77026e48345d719b17c CONFIRM https://github.com/torvalds/linux/commit/c095508770aebf1b9218e77026e48345d719b17c In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).