Vulnerability identifier: #VU93269
Vulnerability risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-399
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nf_tables_table_disable() and nf_tables_updtable() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78
http://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362
http://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb
http://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4
http://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827
http://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927
http://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518
http://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.