#VU102234 Resource management error in Linux kernel - CVE-2024-53184


Vulnerability identifier: #VU102234

Vulnerability risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53184

CWE-ID: CWE-399

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the ubd_open_dev() function in arch/um/drivers/ubd_kern.c. A local user can perform a denial of service (DoS) attack.

Mitigation
Install the update from the vendor's website.

Vulnerable software versions

Linux kernel: All versions


External links
https://git.kernel.org/stable/c/16cf8511680809a9f20b3dd224c06d482648f9e2
https://git.kernel.org/stable/c/23d742a3fcd4781eed015a3a93e6a0e3ab1ef2a8
https://git.kernel.org/stable/c/2d194d951895df214e066d08146e77cb6e02c1d4
https://git.kernel.org/stable/c/300e277e463e6326938dd55ea560eafa0f5c88a5
https://git.kernel.org/stable/c/509ba8746f812e45a05034ba18b73db574693d11
https://git.kernel.org/stable/c/5727343348f34e11a7c5a2a944d5aa505731d876
https://git.kernel.org/stable/c/5bee35e5389f450a7eea7318deb9073e9414d3b1
https://git.kernel.org/stable/c/a5a75207efae4b558aaa34c288de7d6f2e926b4b
https://git.kernel.org/stable/c/e6e5a4cded9bef3a1b0a4fac815b7176eb9a18ec


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

