公告ID: KYLIN-2019-3900
安全等级: 重要
产品: Kylin V3
发布日期: 2019年4月25日
CVE: CVE-2019-3900
CVSS3评分: 6.3
概述:
This issue does not affect the versions of the kernel package as shipped with Kylin Enterprise Linux 5 and Kylin Enterprise MRG 2. This issue affects the version of Linux kernel as shipped with Kylin Enterprise Linux 6 and 7. Future kernel updates for Kylin Enterprise Linux 6 and 7 may address this issue. 描述:
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. An infinite loop issue was found in the vhost_net kernel module, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. 系统版本:
KYLIN 3.3.x
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
KYLIN 3.3.x
受影响包列表:
kernel-alt
kernel
kernel
kernel-rt
kernel