Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 3 Apr 2019 07:46:52 -0400 (EDT)
From: Vladis Dronov <>
Subject: CVE-2019-3882: Linux kernel: DoS through vfio/type1 DMA mappings


A flaw was found in the Linux kernel's vfio interface implementation that permits
violation of the user's locked memory limit. If a device is bound to a vfio driver,
such as vfio-pci, and the local attacker is administratively granted ownership of
the device, it may cause a system memory exhaustion and thus a denial of service (DoS).

CVE-2019-3882 was allocated for this flaw.


Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security | Senior Software Engineer

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.