Improper Resource Shutdown or Release in Linux kernel

#VU59473 Improper Resource Shutdown or Release in Linux kernel

Cybersecurity Help s.r.o.

Published: 2022-01-11

Vulnerability identifier: #VU59473

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-36322

CWE-ID: CWE-404

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor:

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists in the FUSE filesystem implementation in the Linux kernel due to fuse_do_getattr() calls make_bad_inode() in inappropriate situations. A local user can run a specially crafted program to trigger kernel crash.

Note, the vulnerability exists due to incomplete fix for #VU58207 (CVE-2021-28950).

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.6
http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d069dbe8aaf2a197142558b6fb2978189ba3454
http://lists.debian.org/debian-lts-announce/2021/06/msg00020.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Netezza Host Management

Multiple vulnerabilities in Junos Space

Debian update for linux 4.19

Amazon Linux AMI update for kernel

Debian update for linux

Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.6

Multiple vulnerabilities in OpenShift Container Platform 3.11

CentOS 7 update for kernel

Red Hat Enterprise Linux 7 update for kernel