An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.

References[email protected]/message/AYTZH6QCNITK7353S6RCRT2PQHZSDPXD/[email protected]/message/RI3WXXM5URTZSR3RVEKO6MDXDFIKTZ5R/[email protected]/message/TOFNJA5NNVXQ6AV6KGZB677JIVXAMJHT/


Source: MITRE

Published: 2019-04-25

Updated: 2020-10-16

Type: CWE-835

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 8

Severity: MEDIUM

CVSS v3.0

Base Score: 7.7

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Impact Score: 4

Exploitability Score: 3.1

Severity: HIGH