Denial Of Service (DoS)

2023-03-0620:41:33

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

linux

kernel

vulnerability

out-of-bounds read

vt_k_ioctl

0.001 Low

EPSS

Percentile

24.4%

JSON

Linux kernel is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the out-of-bounds read in the vt_k_ioctl function of vt_ioctl.c because it does not properly protect by lock-in vt_ioctl (KDSETMDE), allowing an attacker to cause an application crash.

CPENameOperatorVersion
linux-azure:focaleq5.4.0.1031.29
linux-azure:focaleq5.4.0.1032.30
linux-azure:focaleq5.4.0.1025.24
linux-azure:focaleq5.4.0.1010.11
linux-azure:focaleq5.4.0.1026.25
linux-azure:focaleq5.4.0.1022.21
linux-oracle:focaleq5.4.0.1029.26
linux-oracle:focaleq5.4.0.1009.9
linux-oracle:focaleq5.4.0.1021.19
linux-oracle:focaleq5.4.0.1024.21

Name	Operator	Version
linux-azure:focal	eq	5.4.0.1031.29
linux-azure:focal	eq	5.4.0.1032.30
linux-azure:focal	eq	5.4.0.1025.24
linux-azure:focal	eq	5.4.0.1010.11
linux-azure:focal	eq	5.4.0.1026.25
linux-azure:focal	eq	5.4.0.1022.21
linux-oracle:focal	eq	5.4.0.1029.26
linux-oracle:focal	eq	5.4.0.1009.9
linux-oracle:focal	eq	5.4.0.1021.19
linux-oracle:focal	eq	5.4.0.1024.21