9.8

CVE-2018-20784

In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.13 < 4.14.93
LinuxLinux Kernel Version >= 4.19 < 4.19.15
LinuxLinux Kernel Version >= 4.20 < 4.20.2
LinuxLinux Kernel Version5.0 Updaterc1
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version16.04 SwEditionesm
CanonicalUbuntu Linux Version18.04 SwEditionlts
RedhatEnterprise Linux Version8.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.17% 0.896
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://usn.ubuntu.com/4118-1/
Third Party Advisory
https://usn.ubuntu.com/4115-1/
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c40f7d74c741a907cfaeb73a7697081881c497d0
Patch
Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:1959
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1971
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.2
Vendor Advisory
Release Notes
https://github.com/torvalds/linux/commit/c40f7d74c741a907cfaeb73a7697081881c497d0
Patch
Third Party Advisory
https://usn.ubuntu.com/4211-1/
Third Party Advisory
https://usn.ubuntu.com/4211-2/
Third Party Advisory