Описание
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP. The highest threat from this vulnerability is system availability.
Меры по смягчению последствий
In order to mitigate this issue, it is possible to prevent the affected code by loading the kvm module with "pi_inject_timer=0" parameter.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Will not fix | ||
| Red Hat Enterprise Linux 9 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2021:4646 | 15.11.2021 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2021:4647 | 15.11.2021 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | kernel-rt | Fixed | RHSA-2021:4875 | 30.11.2021 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | kernel | Fixed | RHSA-2021:4871 | 30.11.2021 |
| Red Hat Enterprise Linux 8.4 Extended Update Support | kernel-rt | Fixed | RHSA-2021:4648 | 15.11.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.4 Medium
CVSS3
Связанные уязвимости
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
A flaw was found in the Linux kernel. A corrupted timer tree caused th ...
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
Уязвимость функции timerqueue_add компонента lib/timerqueue.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.4 Medium
CVSS3