Lucene search

Veracode Vulnerability DatabaseVERACODE:19510

HistoryMay 16, 2019 - 3:18 a.m.

Denial Of Service (DoS)

2019-05-1603:18:33

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

Linux kernel is vulnerable to denial of service(DoS) attacks. This occurs when the [io_ti] driver is loaded, a local unprivileged attacker could request incorrect high transfer speed in the change_port_settings() in the drivers/usb/serial/io_ti.c so that the divisor value becomes zero and causes a system crash resulting in a denial of service.

CPENameOperatorVersion
kerneleq3.10.0__862.6.3.el7
kerneleq3.10.0__862.el7
kerneleq3.10.0__693.el7
kerneleq3.10.0__693.5.2.p7ih.el7
kerneleq3.10.0__862.2.3.el7
kerneleq3.10.0__693.21.1.el7
kerneleq3.10.0__693.11.6.el7
kerneleq3.10.0__862.11.6.el7
kerneleq3.10.0__514.26.2.el7
kerneleq3.10.0__862.3.2.el7

Name	Operator	Version
kernel	eq	3.10.0__862.6.3.el7
kernel	eq	3.10.0__862.el7
kernel	eq	3.10.0__693.el7
kernel	eq	3.10.0__693.5.2.p7ih.el7
kernel	eq	3.10.0__862.2.3.el7
kernel	eq	3.10.0__693.21.1.el7
kernel	eq	3.10.0__693.11.6.el7
kernel	eq	3.10.0__862.11.6.el7
kernel	eq	3.10.0__514.26.2.el7
kernel	eq	3.10.0__862.3.2.el7

Rows per page:

1-10 of 541

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6aeb75e6adfaed16e58780309613a578fe1ee90b

www.securityfocus.com/bid/106802

access.redhat.com/articles/3553061

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index

access.redhat.com/errata/RHSA-2018:3083

access.redhat.com/security/cve/CVE-2017-18360

access.redhat.com/security/cve/CVE-2018-18690

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1322930

bugzilla.redhat.com/show_bug.cgi?id=1488484

bugzilla.redhat.com/show_bug.cgi?id=1504058

bugzilla.redhat.com/show_bug.cgi?id=1507027

bugzilla.redhat.com/show_bug.cgi?id=1542494

bugzilla.redhat.com/show_bug.cgi?id=1557434

bugzilla.redhat.com/show_bug.cgi?id=1557599

bugzilla.redhat.com/show_bug.cgi?id=1558328

bugzilla.redhat.com/show_bug.cgi?id=1561162

bugzilla.redhat.com/show_bug.cgi?id=1563697

bugzilla.redhat.com/show_bug.cgi?id=1564186

bugzilla.redhat.com/show_bug.cgi?id=1568167

bugzilla.redhat.com/show_bug.cgi?id=1572983

bugzilla.redhat.com/show_bug.cgi?id=1584775

bugzilla.redhat.com/show_bug.cgi?id=1592654

bugzilla.redhat.com/show_bug.cgi?id=1609717

bugzilla.suse.com/show_bug.cgi?id=1123706

cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.3

github.com/torvalds/linux/commit/6aeb75e6adfaed16e58780309613a578fe1ee90b

usn.ubuntu.com/3933-1/

usn.ubuntu.com/3933-2/

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

Related for VERACODE:19510