BDU:2018-00491

Уязвимость функции blkcg_init_queue ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2018-7480

Published: 2018-02-25
Modified: 2024-11-21

CVE-2018-7480

The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b54d816e00425c3a517514e0d677bb3cec49258
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b54d816e00425c3a517514e0d677bb3cec49258
https://github.com/torvalds/linux/commit/9b54d816e00425c3a517514e0d677bb3cec49258
https://github.com/torvalds/linux/commit/9b54d816e00425c3a517514e0d677bb3cec49258
USN-3654-1
USN-3654-1
USN-3654-2
USN-3654-2
USN-3656-1
USN-3656-1
DSA-4188
DSA-4188

Version: 2.1.0

Package kernel-image-std-def update in sisyphus on 2018-03-23

ALT-PU-2018-1464-1

Closed vulnerabilities

BDU:2018-00491

CVE-2018-7480