PT-2019-3457 · Linux+5 · Linux Kernel+5
Published: 2019-04-24 · Updated: 2024-04-26
CVE-2019-3900
CVSS v3.1: 7.7 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux Kernel versions up to and including v5.1-rc6
Description
The issue is an infinite loop in the vhost_net kernel module when handling incoming packets in the handle_rx() function. This can happen if one end sends packets faster than the other end can process them. A guest user, potentially remote, could exploit this flaw to stall the vhost_net kernel thread, resulting in a denial-of-service scenario. The vulnerability is associated with uncontrolled resource consumption during packet processing, allowing a remote attacker to cause a service disruption.
Recommendations
For Linux Kernel versions up to and including v5.1-rc6, consider applying configuration changes to limit the impact of the infinite loop issue in the vhost_net kernel module, such as adjusting packet processing rates or implementing rate limiting. As a temporary workaround, consider restricting access to the handle_rx() function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Infinite Loop
Resource Exhaustion
Related Identifiers
Affected Products
Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu