vulnerability
Oracle Linux: CVE-2019-12614: ELSA-2020-4060: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:H/Au:M/C:N/I:N/A:C) | 2019-06-03 | 2020-10-07 | 2024-12-06 |
Severity
4
CVSS
(AV:L/AC:H/Au:M/C:N/I:N/A:C)
Published
2019-06-03
Added
2020-10-07
Modified
2024-12-06
Description
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
A flaw was found in the way Linux kernel's Dynamic Logical Partitioning (DLPAR) functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the system.
A flaw was found in the way Linux kernel's Dynamic Logical Partitioning (DLPAR) functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the system.
Solution
oracle-linux-upgrade-kernel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.