CVE-2021-45095

Опубликовано: 09 дек. 2021

Источник: redhat

CVSS3: 5.5

EPSS Низкий

Описание

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.

A memory leak flaw in the Linux kernel's PhoNet (Phone Network protocol) functionality was found in the way user gets memory allocation fail inside function pep_sock_accept (for the failure branch). A local user could use this flaw to starve the resources causing a denial of service.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-401->CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=2035338kernel: refcount leak in pep_sock_accept() in net/phonet/pep.c

EPSS

Процентиль: 1%

0.00013

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2021-45095

CVSS3: 5.5

ubuntu

больше 3 лет назад

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.

CVE-2021-45095

CVSS3: 5.5

nvd

больше 3 лет назад

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.

CVE-2021-45095

CVSS3: 5.5

msrc

больше 3 лет назад

Описание отсутствует

CVE-2021-45095

CVSS3: 5.5

debian

больше 3 лет назад

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 ...

GHSA-827c-f4fv-j8hr

CVSS3: 5.5

github

больше 3 лет назад

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.

EPSS

Процентиль: 1%

0.00013

Низкий

5.5 Medium

CVSS3