Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:23901
HistoryApr 10, 2020 - 12:39 a.m.

Denial Of Service (DoS)

2020-04-1000:39:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12

0.0004 Low

EPSS

Percentile

10.1%

The kernel packages is vulnerable to Denial of Service (DoS). A NULL pointer dereference flaw was found in the firewire-ohci driver used for OHCI compliant IEEE 1394 controllers. A local, unprivileged user with access to /dev/fw* files could issue certain IOCTL calls, causing a denial of service or privilege escalation. The FireWire modules are blacklisted by default, and if enabled, only root has access to the files noted above by default.

References