Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-20794

Опубликовано: 09 мая 2020
Источник: redhat
CVSS3: 4.7
EPSS Низкий

Описание

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.

A flaw was found in the Linux kernel. A user with PID namespace mounting a FUSE filesystem could cause a denial of service if the userspace component is terminated (pid 1). The highest threat from this vulnerability is to system availability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelWill not fix
Red Hat Enterprise Linux 7kernel-altWill not fix
Red Hat Enterprise Linux 7kernel-rtWill not fix
Red Hat Enterprise Linux 8kernelAffected
Red Hat Enterprise Linux 8kernel-rtAffected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise MRG 2kernelWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1849005kernel: task processes not being properly ended could lead to resource exhaustion

EPSS

Процентиль: 26%
0.00093
Низкий

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-20794

CVSS3: 4.7
ubuntu
больше 5 лет назад

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.

nvd логотип

CVE-2019-20794

CVSS3: 4.7
nvd
больше 5 лет назад

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.

msrc логотип

CVE-2019-20794

CVSS3: 4.7
msrc
больше 5 лет назад

Описание отсутствует

debian логотип

CVE-2019-20794

CVSS3: 4.7
debian
больше 5 лет назад

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when u ...

github логотип

GHSA-j4w8-rj66-g2q9

CVSS3: 4.7
github
больше 3 лет назад

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.

EPSS

Процентиль: 26%
0.00093
Низкий

4.7 Medium

CVSS3