Severity
5.5
Medium severity
Details
- CVSS score
- 5.5
- CVSS vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- CWE ID
Overview
About vulnerability
A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.Details
- Affected product:
- AlmaLinux 8 , AlmaLinux 9.2 ESU , CentOS 6 , CentOS 6 ELS , CentOS 6 plus , CentOS 7 , CentOS 7 ELS , CentOS 7 plus , CentOS 8 , CentOS 8.4 ELS , CentOS 8.5 ELS , CloudLinux 6 ELS , CloudLinux OS 6 , CloudLinux OS 6h , CloudLinux OS 7 , CloudLinux OS 7h , CloudLinux OS 8 , Debian 10 , Debian 10 cloud , Debian 9 , Endurance 6 elrepo , Endurance 7 eig 3.10 , OEL 6 Dell , OEL 7 Dell , OpenVZ 6 , Oracle Linux 6 , Oracle Linux 6 ELS , Oracle Linux 7 , Proxmox VE 5 , Proxmox VE 6 , RHEL 6 , RHEL 7 , RHEL 8 , Rocky Linux 8 , Scientific 6 , Ubuntu 14.04 , Ubuntu 14.04 ESM , Ubuntu 16.04 , Ubuntu 16.04 ELS , Ubuntu 16.04 ESM , Ubuntu 18.04 , Ubuntu 18.04 ELS , Ubuntu 20.04 , Upstream 3.16 , Upstream 4.4
- Affected packages:
- kernel @ 5.14.0 (+72 more)