#VU88103 Buffer overflow in Linux kernel


Published: 2024-04-03

Vulnerability identifier: #VU88103

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52601

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in fs/jfs/jfs_dmap.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

Linux kernel:


External links
http://git.kernel.org/stable/c/3d3898b4d72c677d47fe3cb554449f2df5c12555
http://git.kernel.org/stable/c/3f8217c323fd6ecd6829a0c3ae7ac3f14eac368e
http://git.kernel.org/stable/c/2037cb9d95f1741885f7daf50e8a028c4ade5317
http://git.kernel.org/stable/c/8393c80cce45f40c1256d72e21ad351b3650c57e
http://git.kernel.org/stable/c/70780914cb57e2ba711e0ac1b677aaaa75103603
http://git.kernel.org/stable/c/2e16a1389b5a7983b45cb2aa20b0e3f0ee364d6c
http://git.kernel.org/stable/c/fc67a2e18f4c4e3f07e9f9ae463da24530470e73
http://git.kernel.org/stable/c/74ecdda68242b174920fe7c6133a856fb7d8559b


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

