PT-2017-4907 · Linux · Linux Kernel
Mathias Krause
·
Published
2017-02-06
·
Updated
2017-03-29
·
CVE-2010-5328
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 2.6.35
Description:
The issue allows local users to cause a denial of service, resulting in a system crash, by sending signals with a process group ID of zero to the swapper process. This is possible because the Linux kernel before version 2.6.35 does not prevent such signals from reaching the swapper process.
Recommendations:
For Linux kernel versions prior to 2.6.35, update to version 2.6.35 or later to resolve the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel