Veracode Vulnerability DatabaseVERACODE:19510Denial Of Service (DoS)
0.0004 Low
EPSS
Percentile
5.1%
Linux kernel is vulnerable to denial of service(DoS) attacks. This occurs when the [io_ti] driver is loaded, a local unprivileged attacker could request incorrect high transfer speed in the change_port_settings() in the drivers/usb/serial/io_ti.c so that the divisor value becomes zero and causes a system crash resulting in a denial of service.
References
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6aeb75e6adfaed16e58780309613a578fe1ee90b
www.securityfocus.com/bid/106802
access.redhat.com/articles/3553061
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index
access.redhat.com/errata/RHSA-2018:3083
access.redhat.com/security/cve/CVE-2017-18360
access.redhat.com/security/cve/CVE-2018-18690
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1322930
bugzilla.redhat.com/show_bug.cgi?id=1488484
bugzilla.redhat.com/show_bug.cgi?id=1504058
bugzilla.redhat.com/show_bug.cgi?id=1507027
bugzilla.redhat.com/show_bug.cgi?id=1542494
bugzilla.redhat.com/show_bug.cgi?id=1557434
bugzilla.redhat.com/show_bug.cgi?id=1557599
bugzilla.redhat.com/show_bug.cgi?id=1558328
bugzilla.redhat.com/show_bug.cgi?id=1561162
bugzilla.redhat.com/show_bug.cgi?id=1563697
bugzilla.redhat.com/show_bug.cgi?id=1564186
bugzilla.redhat.com/show_bug.cgi?id=1568167
bugzilla.redhat.com/show_bug.cgi?id=1572983
bugzilla.redhat.com/show_bug.cgi?id=1584775
bugzilla.redhat.com/show_bug.cgi?id=1592654
bugzilla.redhat.com/show_bug.cgi?id=1609717
bugzilla.suse.com/show_bug.cgi?id=1123706
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.3
github.com/torvalds/linux/commit/6aeb75e6adfaed16e58780309613a578fe1ee90b
usn.ubuntu.com/3933-1/
usn.ubuntu.com/3933-2/
Related
