Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24246
HistoryApr 10, 2020 - 12:50 a.m.

Denial Of Service (DoS)

2020-04-1000:50:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7

6.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:N/A:C

The kernel is vulnerable to denial of service (DoS). A flaw in the Linux kernel’s packet writing driver could be triggered via the PKT_CTRL_CMD_STATUS IOCTL request, possibly allowing a local, unprivileged user with access to “/dev/pktcdvd/control” to cause an information leak. Note: By default, only users in the cdrom group have access to “/dev/pktcdvd/control”.

References

6.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:N/A:C