CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
5.1%
The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux
kernel 2.6.9 does not perform a capability check for the Z90QUIESCE
operation, which allows local users to leverage euid 0 privileges to force
a driver outage.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | linux-source-2.6.15 | < 2.6.15-55.80 | UNKNOWN |