The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.
Integer Overflow
Linux
Buffer Overflow
Linux Kernel
Ubuntu Linux
+1
NVD
CVSS 3.0
3.3
EPSS
0.5%