CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
0.4%
Georgi Guninski discovered two Denial of Service vulnerabilities in
the Linux kernel.
An integer overflow in the vc_resize() function caused the memory
allocation for the new screen being too short, thus causing a buffer
overflow and a kernel crash.
There was also a memory leak in the ip_options_get() function. Calling
ip_cmsg_send() very often would gradually exhaust memory.
Note: The original advisory (see URL above) also mentions a
“ip_options_get integer overflow”. This was already fixed in USN-38-1
(known as CAN-2004-1016).