Описание
A bug was discovered in the hwpoison implementation in mm/memory-failure.c in the Linux kernel. When soft_offline_in_use_page() is run for a thp tail page after pmd is split, a privileged attacker can cause a denial of service (DoS). Privileged access is required for an attacker to trigger this bug, thus, we believe this bug is not a security flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | ||
| Red Hat Enterprise MRG 2 | kernel-rt | Not affected |
Показывать по
10
Дополнительная информация
Дефект:
CWE-119
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1695049kernel: hwpoison implementation in mm/memory-failure.c leads to denial of service
0 Low
CVSS3
Связанные уязвимости
nvd
около 6 лет назад
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
oracle-oval
около 6 лет назад
ELSA-2019-4643: Unbreakable Enterprise kernel security update (IMPORTANT)
0 Low
CVSS3