Denial Of Service (DoS)

2020-04-1000:43:35

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

The kernel is vulnerable to Denial Of Service (DoS). Due to a flaw found in the gfs2_lock() implementation, the GFS2 locking code could skip the lock operation for files that have the S_ISGID bit (set-group-ID on execution) in their mode set. A local, unprivileged user on a system that has a GFS2 file system mounted could use this flaw to cause a kernel panic (denial of service).

CPENameOperatorVersion
kerneleq2.6.18__8.1.14.el5
kerneleq2.6.18__92.1.17.el5
kerneleq2.6.18__128.1.14.el5
kerneleq2.6.18__128.29.1.el5
kerneleq2.6.18__164.el5
kerneleq2.6.18__92.1.22.el5
kerneleq2.6.18__164.10.1.el5
kerneleq2.6.18__8.1.8.el5
kerneleq2.6.18__53.1.4.el5
kerneleq2.6.18__164.6.1.el5

Name	Operator	Version
kernel	eq	2.6.18__8.1.14.el5
kernel	eq	2.6.18__92.1.17.el5
kernel	eq	2.6.18__128.1.14.el5
kernel	eq	2.6.18__128.29.1.el5
kernel	eq	2.6.18__164.el5
kernel	eq	2.6.18__92.1.22.el5
kernel	eq	2.6.18__164.10.1.el5
kernel	eq	2.6.18__8.1.8.el5
kernel	eq	2.6.18__53.1.4.el5
kernel	eq	2.6.18__164.6.1.el5