Linux · Linux Kernel · CVE-2018-8822
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions through 4.15.11
Linux kernel versions 4.16-rc through 4.16-rc6
**Description**
The issue is related to incorrect buffer length handling in the `ncp_read_kernel` function, which could be exploited by malicious NCPFS servers to crash the kernel or execute code.
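The kind of length check at issue, as an added example that is not taken from the kernel source or from this advisory: a user-space C model in which the length declared in a server reply is bounded by the caller's requested size before anything is copied. The reply layout and the names `copy_reply`, `demo_honest` and `demo_oversized` are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed reply layout (assumption): 2-byte big-endian length, then data. */
int copy_reply(const uint8_t *reply, size_t reply_len,
               uint8_t *target, size_t to_read, size_t *bytes_read)
{
    if (reply_len < 2)
        return -EIO;                /* too short to hold a length field */
    size_t declared = ((size_t)reply[0] << 8) | reply[1];
    if (declared > to_read)
        return -EINVAL;             /* server claims more than was requested */
    if (declared > reply_len - 2)
        return -EIO;                /* server claims more than it sent */
    memcpy(target, reply + 2, declared);
    *bytes_read = declared;
    return 0;
}

/* Constructed sample: honest reply, 4 bytes into an 8-byte buffer. */
int demo_honest(void)
{
    const uint8_t reply[] = { 0x00, 0x04, 'd', 'a', 't', 'a' };
    uint8_t target[8];
    size_t n = 0;
    int rc = copy_reply(reply, sizeof reply, target, sizeof target, &n);
    return (rc == 0 && n == 4 && memcmp(target, "data", 4) == 0) ? 0 : -1;
}

/* Constructed sample: reply declares 0x0400 bytes for an 8-byte request. */
int demo_oversized(void)
{
    uint8_t reply[2 + 0x400] = { 0x04, 0x00 };
    uint8_t target[8];
    size_t n = 0;
    return copy_reply(reply, sizeof reply, target, sizeof target, &n);
}

int main(void)
{
    printf("honest=%d oversized=%d\n", demo_honest(), demo_oversized());
    return 0;
}
```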
**Recommendations**
For Linux kernel versions through 4.15.11, update to a version later than 4.15.11 to resolve the issue.
For Linux kernel versions 4.16-rc through 4.16-rc6, update to a version later than 4.16-rc6 to resolve the issue.
As a temporary workaround, consider restricting access to the `ncp_read_kernel` function in `fs/ncpfs/ncplib_kernel.c` and `drivers/staging/ncpfs/ncplib_kernel.c` to minimize the risk of exploitation.