vulnerability
Oracle Linux: CVE-2019-18808: ELSA-2020-4060: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | 2019-11-18 | 2020-10-07 | 2024-12-06 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
2019-11-18
Added
2020-10-07
Modified
2024-12-06
Description
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability.
A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability.
Solution
oracle-linux-upgrade-kernel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.