Open mend-bolt-for-github[bot] opened 2 years ago
The Linux Kernel
Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/?wsslib=linux
Found in HEAD commit: 63ec46be94f7d206b296bb6c7cd636df4b2eaddd
Found in base branch: master
/fs/ext4/block_validity.c /fs/ext4/block_validity.c
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.
Publish Date: 2020-02-14
URL: CVE-2020-8992
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
Type: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2020-8992
Release Date: 2020-02-14
Fix Resolution: v5.6-rc2,v5.4.21,v5.5.5
Step up your Open Source Security Game with Mend here
CVE-2020-8992 - Medium Severity Vulnerability
Vulnerable Library - linuxlinux-4.19.236
The Linux Kernel
Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/?wsslib=linux
Found in HEAD commit: 63ec46be94f7d206b296bb6c7cd636df4b2eaddd
Found in base branch: master
Vulnerable Source Files (2)
/fs/ext4/block_validity.c /fs/ext4/block_validity.c
Vulnerability Details
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.
Publish Date: 2020-02-14
URL: CVE-2020-8992
CVSS 3 Score Details (5.5)
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2020-8992
Release Date: 2020-02-14
Fix Resolution: v5.6-rc2,v5.4.21,v5.5.5
Step up your Open Source Security Game with Mend here