#VU93181 Resource management error in Linux kernel
Vulnerability identifier: #VU93181
Vulnerability risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-399
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the macii_probe() function in drivers/macintosh/via-macii.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/e4ff8bcfb2841fe4e17e5901578b632adb89036d
http://git.kernel.org/stable/c/1e9c3f2caec548cfa7a65416ec4e6006e542f18e
http://git.kernel.org/stable/c/280619bbdeac186fb320fab3d61122d2a085def8
http://git.kernel.org/stable/c/010d4cb19bb13f423e3e746b824f314a9bf3e9a9
http://git.kernel.org/stable/c/787fb79efc15b3b86442ecf079b8148f173376d7
http://git.kernel.org/stable/c/d43a8c7ec0841e0ff91a968770aeca83f0fd4c56
http://git.kernel.org/stable/c/5900a88e897e6deb1bdce09ee34167a81c2da89d
http://git.kernel.org/stable/c/2907d409ce5946390f513976f0454888d37d1058
http://git.kernel.org/stable/c/d301a71c76ee4c384b4e03cdc320a55f5cf1df05
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
