#VU91650 Memory leak in Linux kernel
Vulnerability identifier: #VU91650
Vulnerability risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-401
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03
http://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088
http://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a
http://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af
http://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723
http://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c
http://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa
http://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40
http://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
