PT-1998-1191 · Linux · Linux

Published

1998-12-27

Updated

2017-12-19

CVE-1999-1285

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Linux versions prior to 2.1.133

Description The issue allows local users to cause a denial of service, resulting in resource exhaustion. This occurs when a large buffer is read from a random device, such as /dev/urandom, and the read operation cannot be interrupted until it is completed.

Recommendations For Linux versions prior to 2.1.133, consider restricting access to random devices like /dev/urandom to minimize the risk of exploitation. As a temporary workaround, limit the size of buffers that can be read from these devices until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1285

Affected Products

Linux

PT-1998-1191 · Linux · Linux

CVE-1999-1285

Related Identifiers

Affected Products

References · 3