CVE-2019-3900 - CERT CVE
ID CVE-2019-3900
Sažetak An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.
Reference
CVSS
Base: 6.8
Impact: 6.9
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE COMPLETE
CVSS vektor AV:N/AC:L/Au:S/C:N/I:N/A:C
Zadnje važnije ažuriranje 26-04-2024 - 16:08
Objavljeno 25-04-2019 - 15:29