Denial Of Service (DoS)

2020-11-0503:09:58

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

26.9%

JSON

kernel is vulnerable to denial of service (DoS).Lack of validation in get_raw_socket in drivers/vhost/net.c of an sk_family field allows to attacker perform ioctl(2) calls on the ‘/dev/vhost-net’ device may use this flaw to crash the kernel.

CPENameOperatorVersion
kernel-rteq4.18.0__193.12.1.rt13.63.el8_2
kernel-rteq4.18.0__193.13.2.rt13.65.el8_2
kernel-rteq4.18.0__236.rt7.49.el8
kerneleq4.18.0__80.7.1.el8_0
kerneleq4.18.0__80.7.2.el8_0
kerneleq4.18.0__193.23.1.el8_2
kerneleq4.18.0__147.8.1.el8_1
kerneleq4.18.0__80.11.2.el8_0
kerneleq4.18.0__193.10.el8
kerneleq4.18.0__168.el8

Name	Operator	Version
kernel-rt	eq	4.18.0__193.12.1.rt13.63.el8_2
kernel-rt	eq	4.18.0__193.13.2.rt13.65.el8_2
kernel-rt	eq	4.18.0__236.rt7.49.el8
kernel	eq	4.18.0__80.7.1.el8_0
kernel	eq	4.18.0__80.7.2.el8_0
kernel	eq	4.18.0__193.23.1.el8_2
kernel	eq	4.18.0__147.8.1.el8_1
kernel	eq	4.18.0__80.11.2.el8_0
kernel	eq	4.18.0__193.10.el8
kernel	eq	4.18.0__168.el8