#VU92359 Improper locking in Linux kernel
Vulnerability identifier: #VU92359
Vulnerability risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-667
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the arch/m68k/kernel/entry.S. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/2a8d1d95302c7d52c6ac8fa5cb4a6948ae0d3a14
http://git.kernel.org/stable/c/5213cc01d0464c011fdc09f318705603ed3a746b
http://git.kernel.org/stable/c/4eeffecc8e3cce25bb559502c2fd94a948bcde82
http://git.kernel.org/stable/c/77b2b67a0f8bce260c53907e5749d61466d90c87
http://git.kernel.org/stable/c/0d9ae1253535f6e85a016e09c25ecbe6f7f59ef0
http://git.kernel.org/stable/c/f3baf0f4f92af32943ebf27b960e0552c6c082fd
http://git.kernel.org/stable/c/f1d4274a84c069be0f6098ab10c3443fc1f7134c
http://git.kernel.org/stable/c/95f00caf767b5968c2c51083957b38be4748a78a
http://git.kernel.org/stable/c/da89ce46f02470ef08f0f580755d14d547da59ed
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
