Vulnerability identifier: #VU93184
Vulnerability risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-399
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ice_module_init() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
http://git.kernel.org/stable/c/87a5e3fc8416106e290c448fc8a6dd50ab24c634
http://git.kernel.org/stable/c/1ad4112c9fcf0bc08222b2b1614fba52ffd12255
http://git.kernel.org/stable/c/ca834a017851c50464c25a85f3cb2daefff7bede
http://git.kernel.org/stable/c/df59e05401450973c8c7e96fd74b49e24442dc1f
http://git.kernel.org/stable/c/4d159f7884f78b1aacb99b4fc37d1e3cb1194e39
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.