PT-2020-5105 · Linux · Linux Kernel
Syzbot · Published 2020-09-02 · Updated 2022-11-21 · CVE-2020-25641
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.9-rc7
Description
The issue is related to a flaw in the Linux kernel's implementation of biovecs, which can cause the kernel to enter an infinite loop when a zero-length biovec request is issued by the block subsystem. This can result in a denial of service. A local attacker with basic privileges can exploit this issue by issuing requests to a block device.
Recommendations
For Linux kernel versions prior to 5.9-rc7, update to version 5.9-rc7 or later to resolve the issue. As a temporary workaround, consider restricting access to block devices to minimize the risk of exploitation.
Fix · DoS · Infinite Loop
Affected Products
ALT Linux
AlmaLinux
CentOS
Linux Mint
Linux Kernel
Red Hat
SUSE
Ubuntu