A flaw was found in the way the Mellanox 5th generation network adapters (ConnectX series) core driver in the Linux kernel handled resource cleanup in the mlx5_fw_fatal_reporter_dump function. This flaw allows an attacker with the ability to trigger errors in the mlx5_crdump_collect function to crash the system. #### Mitigation In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mlx5_core. For instructions relating to how to blacklist a kernel module refer to: <https://access.redhat.com/solutions/41278> .
Ubuntu 18.04 LTS / 19.10 : linux, linux-aws, linux-azure, linux-azure-5.3, linux-gcp, linux-gcp-5.3, (USN-4225-1)
CentOS 8 : kernel (CESA-2020:1769)
RHEL 8 : kernel (RHSA-2020:1769)
RHEL 8 : kernel-rt (RHSA-2020:1567)
Ubuntu Update for linux USN-4225-1
Linux kernel vulnerabilities
(RHSA-2020:1769) Important: kernel security, bug fix, and enhancement update