Vulnerability identifier: #VU93034
Vulnerability risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-667
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sync_print_obj() function in drivers/dma-buf/sync_debug.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/1ff116f68560a25656933d5a18e7619cb6773d8a
http://git.kernel.org/stable/c/165b25e3ee9333f7b04f8db43895beacb51582ed
http://git.kernel.org/stable/c/ae6fc4e6a3322f6d1c8ff59150d8469487a73dd8
http://git.kernel.org/stable/c/9d75fab2c14a25553a1664586ed122c316bd1878
http://git.kernel.org/stable/c/242b30466879e6defa521573c27e12018276c33a
http://git.kernel.org/stable/c/a4ee78244445ab73af22bfc5a5fc543963b25aef
http://git.kernel.org/stable/c/8a283cdfc8beeb14024387a925247b563d614e1e
http://git.kernel.org/stable/c/b794918961516f667b0c745aebdfebbb8a98df39
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.