Linux Kernel = 3.14.2, 3.11-9, 4.0.0-4.0.9, 4.1.1-4.1.10, 4.2.1-4.2.3 Memory Consumption Denial of Service

High Log Correlation Engine Plugin ID 802015

Synopsis

The specific kernel version that the client is running is vulnerable to a memory consumption denial of service.

Description

Linux Kernel contains a flaw in the Direct Rendering Manager (DRM) subsystem that is triggered during the handling of GEM objects. This may allow a context-dependent attacker to consume memory resources, causing the system to become unresponsive.

Solution

We are not currently aware of a solution for this vulnerability.

See Also

https://www.kernel.org/

https://bugzilla.kernel.org/show_bug.cgi?id=60533

Plugin Details

Severity: High

ID: 802015

File Name: 802015.prm

Published: 2016/08/31

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.1

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Vulnerability Publication Date: 2013/07/08

Reference Information

CVE: CVE-2013-7445