Apr 18, 2024 - 12:00 a.m.

ROS-20240418-07

2024-04-18 00:00:00
redos.red-soft.ru
Tags: linux kernel, component, vulnerability, integrity, arbitrary code, unauthorized access, sensitive information, denial of service

CVSS3: 5.5 Medium
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score: 7.6 High (Confidence: High)

CVSS2: 1.7 Low
Access Vector: LOCAL
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P

EPSS: 0.0004 Low (Percentile: 14.0%)

A vulnerability in the idxd component of the Linux kernel is related to pasid writing when the device. Exploitation of the vulnerability could allow an attacker to impact the integrity of the protected information.

A vulnerability in the nftables component of the Linux kernel is related to memcpy() function interruption when connlimit is used on set elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary code.

A vulnerability in the idxd component of the Linux kernel is related to the ability to make changes when the device is enabled but the wq is disabled. Exploitation of the vulnerability could allow an attacker to execute arbitrary code.

A vulnerability in the net component of the Linux kernel is related to a NULL pointer dereference in tcp_available_congestion_control and tcp_allowed_congestion_control. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the idxd component of the Linux kernel is related to a lack of clearing of the WQCFG register. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to the protected information.

A vulnerability in the idxd component of the Linux kernel is related to a NULL pointer dereference during ethtool loopback test execution. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the idxd component of the Linux kernel is related to overwriting the SWERR and OVERFLOW. Exploitation of the vulnerability could allow an attacker to disclose sensitive information.

A vulnerability in the ch_ktls component of the Linux kernel is related to a lack of synchronization locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the ixgbe component of the Linux kernel is related to resource release errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the nft_limit_init div_u64() function of the Linux kernel is related to the lack of verification of the correctness of mathematical operations. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

A vulnerability in the kmap_local() function of the Linux kernel is related to doubling the number of fixmap slots allocated to kmap_local() for each processor. Exploitation of the vulnerability could allow an attacker to cause a denial of service.

OS     Version  Architecture  Package    Version        Filename
redos  7.3      x86_64        kernel-lt  <= 5.15.10-1   UNKNOWN
