Lucene search

K

Veracode Vulnerability DatabaseVERACODE:27799

HistoryNov 05, 2020 - 3:15 a.m.

Denial Of Service (DoS)

2020-11-0503:15:00

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

13

4.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

kernel is vulnerable to denial-of-service (DoS) attacks. The vulnerability exists in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c due to an unchecked kstrdup of prop->name allowing an attacker to cause an application crash.

CPENameOperatorVersion
kerneleq4.18.0__80.7.1.el8_0
kerneleq4.18.0__80.7.2.el8_0
kerneleq4.18.0__193.23.1.el8_2
kerneleq4.18.0__80.11.2.el8_0
kerneleq4.18.0__147.8.1.el8_1
kerneleq4.18.0__193.10.el8
kerneleq4.18.0__168.el8
kerneleq4.18.0__193.19.1.el8_2
kerneleq4.18.0__193.6.3.el8_2
kerneleq4.18.0__193.12.1.el8_2

Rows per page:

1-10 of 621

References

lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html

lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html

packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html

packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

www.securityfocus.com/bid/108550

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/index

access.redhat.com/errata/RHSA-2020:4431

access.redhat.com/security/updates/classification/#moderate

git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=efa9ace68e487ddd29c2b4d6dd23242158f1f607

lists.fedoraproject.org/archives/list/[email protected]/message/MDURACJVGIBIYBSGDZJTRDPX46H5WPZW/

lists.fedoraproject.org/archives/list/[email protected]/message/OBJHGQXA4PQ5EOGCOXEH3KFDNVZ2I4X7/

lkml.org/lkml/2019/6/3/526

seclists.org/bugtraq/2020/Jan/10

security.netapp.com/advisory/ntap-20190710-0002/

support.f5.com/csp/article/K54337315

support.f5.com/csp/article/K54337315?utm_source=f5support&utm_medium=RSS

usn.ubuntu.com/4093-1/

usn.ubuntu.com/4094-1/

usn.ubuntu.com/4095-1/

usn.ubuntu.com/4095-2/

4.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

Related for VERACODE:27799

debiancve1 redhatcve1 ubuntucve1 prion1 f51 cve1 fedora29 nessus32 openvas36 ibm2 suse2 ubuntu4 cloudfoundry2 redhat5 slackware1 almalinux1 osv1 centos1 oraclelinux2