Linux kernel through 5.3.9 Uncontrolled Resource Consumption Vulnerability

Summary

A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9.

Credit:

The information has been provided by Gary R Hook

The original article can be found at:https://github.com/torvalds/linux/commit/128c66429247add5128c03dc1e144ca56f05a4e2


Details

Allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.

 

Vulnerable Systems:

Linux kernel through 5.3.9 

 

CVE Information:

CVE-2019-18808

 

Disclosure Timeline:
Published Date:11/7/2019