Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-8992

Опубликовано: 11 фев. 2020
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

A vulnerability was found in ext4_protect_reserved_inode in the fs/ext4/block_validity.c function. This flaw allows an attacker to mount a crafted image with a large size inode journal, causing a denial of service.

Отчет

The affected code was not introduced into any kernel versions shipped with Red Hat Enterprise Linux making this vulnerable not applicable to these platforms.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise MRG 2kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1805887kernel: soft lockup via a crafted journal size in ext4_protect_reserved_inode in fs/ext4/block_validity.c

EPSS

Процентиль: 21%
0.00068
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-8992

CVSS3: 5.5
ubuntu
больше 5 лет назад

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

nvd логотип

CVE-2020-8992

CVSS3: 5.5
nvd
больше 5 лет назад

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

msrc логотип

CVE-2020-8992

CVSS3: 5.5
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-8992

CVSS3: 5.5
debian
больше 5 лет назад

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux k ...

github логотип

GHSA-44rm-95c5-h9cw

CVSS3: 5.5
github
около 3 лет назад

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

EPSS

Процентиль: 21%
0.00068
Низкий

5.5 Medium

CVSS3