#VU91526 Improper locking in Linux kernel


Published: 2024-06-08

Vulnerability identifier: #VU91526

Vulnerability risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26848

CWE-ID: CWE-667

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the afs_dir_iterate_block() function in fs/afs/dir.c. A local user can perform a denial of service (DoS) attack.

Mitigation
Install the update from the vendor's website.

Vulnerable software versions

Linux kernel:


External links
http://git.kernel.org/stable/c/5c78be006ed9cb735ac2abf4fd64f3f4ea26da31
http://git.kernel.org/stable/c/854ebf45a4ddd4cadeffb6644e88d19020634e1a
http://git.kernel.org/stable/c/96370ba395c572ef496fd2c7afc4a1ab3dedd3f0
http://git.kernel.org/stable/c/b94f434fe977689da4291dc21717790b9bd1c064
http://git.kernel.org/stable/c/80b15346492bdba677bbb0adefc611910e505f7b
http://git.kernel.org/stable/c/a6ffae61ad9ebf2fdcb943135b2f30c85f49cd27
http://git.kernel.org/stable/c/058ed71e0f7aa3b6694ca357e23d084e5d3f2470
http://git.kernel.org/stable/c/76426abf9b980b46983f97de8e5b25047b4c9863
http://git.kernel.org/stable/c/f67898867b6b0f4542cddc7fe57997978b948a7a
http://git.kernel.org/stable/c/106e14ca55a0acb3236ee98813a1d243f8aa2d05
http://git.kernel.org/stable/c/fe02316e4933befc621fa125efb8f8b4d04cceec
http://git.kernel.org/stable/c/9c41f4935625218a2053a2dce1423c3054169809
http://git.kernel.org/stable/c/5f7a07646655fb4108da527565dcdc80124b14c4
http://git.kernel.org/stable/c/2afdd0cb02329464d77f3ec59468395c791a51a4


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

