#VU92396 Improper check for unusual or exceptional conditions in Linux kernel
Vulnerability identifier: #VU92396
Vulnerability risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-754
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper check for unusual or exceptional conditions error within the personal_server_map_irq() function in arch/arm/mach-footbridge/personal-pci.c, within the netwinder_map_irq() function in arch/arm/mach-footbridge/netwinder-pci.c, within the ebsa285_map_irq() function in arch/arm/mach-footbridge/ebsa285-pci.c, within the cats_no_swizzle() function in arch/arm/mach-footbridge/cats-pci.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's repository.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf
http://git.kernel.org/stable/c/2643da6aa57920d9159a1a579fb04f89a2b0d29a
http://git.kernel.org/stable/c/871b569a3e67f570df9f5ba195444dc7c621293b
http://git.kernel.org/stable/c/1fc087fdb98d556b416c82ed6e3964a30885f47a
http://git.kernel.org/stable/c/c3efce8cc9807339633ee30e39882f4c8626ee1d
http://git.kernel.org/stable/c/30e3b4f256b4e366a61658c294f6a21b8626dda7
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
