Vulnerability Description
An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 5.4.7 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.7Release NotesVendor Advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b4PatchVendor Advisory
- https://www.oracle.com/security-alerts/cpuApr2021.html
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.7Release NotesVendor Advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b4PatchVendor Advisory
- https://www.oracle.com/security-alerts/cpuApr2021.html
FAQ
What is CVE-2019-20812?
CVE-2019-20812 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a cert...
How severe is CVE-2019-20812?
CVE-2019-20812 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-20812?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.