Linux kernel before 5.3.5 Uncontrolled Resource Consumption Vulnerability

Summary

Linux kernel before 5.3.5 suffers from uncontrolled resource consumption vulnerability.

Credit:

The information has been provided by Greg Kroah-Hartman

The original article can be found at:https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5

 


Details

A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f.

 

Vulnerable Systems:

Linux kernel before 5.3.5 

 

CVE Information:

CVE-2019-18806

Disclosure Timeline:
Published Date:11/7/2019