Lucene search

K

[email protected]NVD:CVE-2019-19922

HistoryDec 22, 2019 - 8:15 p.m.

CVE-2019-19922

2019-12-2220:15:10

CWE-400

[email protected]

web.nvd.nist.gov

2

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.1%

kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)

Affected configurations

NVD

Node

linuxlinux_kernelRange<5.3.9

Node

oraclesd-wan_edgeMatch8.2

OR

canonicalubuntu_linuxMatch18.04lts

OR

canonicalubuntu_linuxMatch19.04

OR

debiandebian_linuxMatch8.0

Node

netappactive_iq_unified_managerMatch-vmware_vsphere

OR

netappcloud_backupMatch-

OR

netappdata_availability_servicesMatch-

OR

netappe-series_santricity_os_controllerRange11.0–11.70.2

OR

netappfas\/aff_baseboard_management_controllerMatch-

OR

netapphci_baseboard_management_controllerMatchh610s

OR

netappsolidfire_\&_hci_management_nodeMatch-

OR

netappsteelstore_cloud_integrated_storageMatch-

OR

netappaff_baseboard_management_controllerMatcha700

OR

netappsolidfire_baseboard_management_controllerMatch-

References

cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425

github.com/kubernetes/kubernetes/issues/67577

github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425

lists.debian.org/debian-lts-announce/2020/01/msg00013.html

relistan.com/the-kernel-may-be-slowing-down-your-app

security.netapp.com/advisory/ntap-20200204-0002/

usn.ubuntu.com/4226-1/

www.oracle.com/security-alerts/cpuApr2021.html

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.1%

Related for NVD:CVE-2019-19922

redhatcve1 osv2 ubuntucve1 prion1 cve1 veracode1 cvelist1 debiancve1 photon4 redhat3 nessus16 oraclelinux2 openvas8 ubuntu1 debian1 oracle1