CVE-2019-20812

MEDIUM

Description

An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067.

References

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.7

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b43d1f9f7067c6759b1051e8ecb84e82cef569fe

Details

Source: MITRE

Published: 2020-06-03

Updated: 2020-07-07

Type: CWE-400

Risk Information

CVSS v2.0

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3.0

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Tenable Plugins

View all (23 total)

IDNameProductFamilySeverity
146282openSUSE Security Update : RT kernel (openSUSE-2021-242)NessusSuSE Local Security Checks
high
142240EulerOS 2.0 SP2 : kernel (EulerOS-SA-2020-2353)NessusHuawei Local Security Checks
high
141697EulerOS Virtualization 3.0.2.2 : kernel (EulerOS-SA-2020-2222)NessusHuawei Local Security Checks
high
141374OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0044)NessusOracleVM Local Security Checks
critical
141207Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5866)NessusOracle Linux Local Security Checks
critical
140917EulerOS 2.0 SP3 : kernel (EulerOS-SA-2020-2150)NessusHuawei Local Security Checks
high
140499Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5845)NessusOracle Linux Local Security Checks
high
140496Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5841)NessusOracle Linux Local Security Checks
high
140378SUSE SLES15 Security Update : kernel (SUSE-SU-2020:2487-1)NessusSuSE Local Security Checks
high
140328EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2020-1958)NessusHuawei Local Security Checks
high
139995EulerOS Virtualization for ARM 64 3.0.6.0 : kernel (EulerOS-SA-2020-1892)NessusHuawei Local Security Checks
high
139408SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2152-1)NessusSuSE Local Security Checks
high
139364SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2134-1)NessusSuSE Local Security Checks
high
139308SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:2105-1)NessusSuSE Local Security Checks
high
139137EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1807)NessusHuawei Local Security Checks
high
138727openSUSE Security Update : the Linux Kernel (openSUSE-2020-935)NessusSuSE Local Security Checks
high
138679openSUSE Security Update : the Linux Kernel (openSUSE-2020-801)NessusSuSE Local Security Checks
high
138272SUSE SLES15 Security Update : kernel (SUSE-SU-2020:1663-1)NessusSuSE Local Security Checks
critical
137617SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1605-1)NessusSuSE Local Security Checks
high
137616SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1603-1)NessusSuSE Local Security Checks
high
137615SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1602-1)NessusSuSE Local Security Checks
high
137613SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:1599-1)NessusSuSE Local Security Checks
high
137608SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1587-1)NessusSuSE Local Security Checks
high