Linux Kernel = 3.14.2, 3.11-9, 4.0.0-4.0.9, 4.1.1-4.1.10, 4.2.1-4.2.3 Memory Consumption Denial of Service

high Log Correlation Engine Plugin ID 802015

Synopsis

The specific kernel version that the client is running is vulnerable to a memory consumption denial of service.

Description

Linux Kernel contains a flaw in the Direct Rendering Manager (DRM) subsystem that is triggered during the handling of GEM objects. This may allow a context-dependent attacker to consume memory resources, causing the system to become unresponsive.

Solution

We are not currently aware of a solution for this vulnerability.

See Also

https://www.kernel.org/

https://bugzilla.kernel.org/show_bug.cgi?id=60533

Plugin Details

Severity: High

ID: 802015

Published: 8/31/2016

Updated: 8/31/2016

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Vulnerability Publication Date: 7/8/2013

Reference Information

CVE: CVE-2013-7445