Off-by-one Error in Linux Kernel's Ocelot SerDes PHY Driver Leads to Out-of-bounds Read

Off-by-one Error in Linux Kernel's Ocelot SerDes PHY Driver Leads to Out-of-bounds Read

CVE-2018-20854 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.