#VU91379 Division by zero in Linux kernel
Vulnerability identifier: #VU91379
Vulnerability risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-369
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the wb_dirty_limits() function in mm/page-writeback.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/c593d26fb5d577ef31b6e49a31e08ae3ebc1bc1e
http://git.kernel.org/stable/c/1f12e4b3284d6c863f272eb2de0d4248ed211cf4
http://git.kernel.org/stable/c/81e7d2530d458548b90a5c5e76b77ad5e5d1c0df
http://git.kernel.org/stable/c/5099871b370335809c0fd1abad74d9c7c205d43f
http://git.kernel.org/stable/c/16b1025eaa8fc223ab4273ece20d1c3a4211a95d
http://git.kernel.org/stable/c/ec18ec230301583395576915d274b407743d8f6c
http://git.kernel.org/stable/c/65977bed167a92e87085e757fffa5798f7314c9f
http://git.kernel.org/stable/c/9319b647902cbd5cc884ac08a8a6d54ce111fc78
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
