Описание
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).
A flaw was found in the Linux kernel where a local user with a shell account can abuse the userfaultfd syscall when using hugetlbfs. A missing size check in hugetlb_mcopy_atomic_pte could create an invalid inode variable, leading to a kernel panic.
Отчет
This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6 and kernel-alt. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, realtime and MRG-2. Future Linux kernel updates for the respective releases may address this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Affected | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
4.7 Medium
CVSS3
Связанные уязвимости
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetl ...
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).
ELSA-2019-4850: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
4.7 Medium
CVSS3