5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
kernel is vulnerable to denial of service. The vulnerability exists when cpu.cfs_quota_us
is used which allows attackers to cause a denial of service against non-cpu-bound applications.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index
access.redhat.com/errata/RHSA-2020:1769
access.redhat.com/security/updates/classification/#important
cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425
github.com/kubernetes/kubernetes/issues/67577
github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425
lists.debian.org/debian-lts-announce/2020/01/msg00013.html
relistan.com/the-kernel-may-be-slowing-down-your-app
security.netapp.com/advisory/ntap-20200204-0002/
usn.ubuntu.com/4226-1/
www.oracle.com/security-alerts/cpuApr2021.html
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P