SB20240620267 - Resource management error in Linux kernel s390 block driver
Published: June 20, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240620267
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2022-48636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dasd_alias_remove_device() and dasd_alias_get_start_dev() functions in drivers/s390/block/dasd_alias.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/d86b4267834e6d4af62e3073e48166e349ab1b70
- https://git.kernel.org/stable/c/49f401a98b318761ca2e15d4c7869a20043fbed4
- https://git.kernel.org/stable/c/aaba5ff2742043705bc4c02fd0b2b246e2e16da1
- https://git.kernel.org/stable/c/2e473351400e3dd66f0b71eddcef82ee45a584c1
- https://git.kernel.org/stable/c/f5fcc9d6d71d9ff7fdbdd4b89074e6e24fffc20b
- https://git.kernel.org/stable/c/d3a67c21b18f33c79382084af556557c442f12a6
- https://git.kernel.org/stable/c/650a2e79d176db753654d3dde88e53a2033036ac
- https://git.kernel.org/stable/c/db7ba07108a48c0f95b74fabbfd5d63e924f992d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.295
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.260
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.330
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.146
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.71
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.215
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0