vulnerability
Oracle Linux: CVE-2020-27152: ELSA-2021-1093: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:H/Au:M/C:N/I:N/A:C) | 2020-08-02 | 2021-04-08 | 2024-11-30 |
Severity
4
CVSS
(AV:L/AC:H/Au:M/C:N/I:N/A:C)
Published
2020-08-02
Added
2021-04-08
Modified
2024-11-30
Description
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9.
A stack overflow flaw via an infinite loop condition issue was found in the KVM hypervisor of the Linux kernel. This flaw occurs while processing interrupts because the IRQ state is erroneously set. This flaw allows a guest user to crash the host kernel, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
A stack overflow flaw via an infinite loop condition issue was found in the KVM hypervisor of the Linux kernel. This flaw occurs while processing interrupts because the IRQ state is erroneously set. This flaw allows a guest user to crash the host kernel, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
Solution
oracle-linux-upgrade-kernel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.