Описание
An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitTechnical DescriptionThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitTechnical DescriptionThird Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
6.2 Medium
CVSS3
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
Связанные уязвимости
An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service.
EPSS
6.2 Medium
CVSS3
5.5 Medium
CVSS3
4.9 Medium
CVSS2