| Summary | A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. |
|---|---|
| Publication Date | Aug. 27, 2022, 1:15 a.m. |
| Registration Date | Aug. 27, 2022, 10 a.m. |
| Last Update | Nov. 21, 2024, 3:22 p.m. |
| CVSS3.1 : MEDIUM | |
| スコア | 5.5 |
|---|---|
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| 攻撃元区分(AV) | ローカル |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃に必要な特権レベル(PR) | 低 |
| 利用者の関与(UI) | 不要 |
| 影響の想定範囲(S) | 変更なし |
| 機密性への影響(C) | なし |
| 完全性への影響(I) | なし |
| 可用性への影響(A) | 高 |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:a:ibm:spectrum_copy_data_management:*:*:*:*:*:*:*:* | 2.2.0.0 | 2.2.15.0 | |||
| cpe:2.3:a:ibm:spectrum_protect_plus:*:*:*:*:*:*:*:* | 10.1.0 | 10.1.10.2 | |||
| execution environment | |||||
| 1 | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* | |||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* | |||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:build_of_quarkus:*:*:*:*:*:*:*:* | 2.0 | 2.7 | |||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* | ||||
| 2 | cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* | ||||
| 3 | cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:* | ||||
| 4 | cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:* | ||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:openshift_container_platform:4.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:openshift_container_platform:4.9:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* | ||||
| Title | Linux の Linux Kernel 他複数ベンダの製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 |
|---|---|
| Summary | Linux の Linux Kernel 他複数ベンダの製品には、制限またはスロットリング無しのリソースの割り当てに関する脆弱性が存在します。 |
| Possible impacts | サービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | Aug. 2, 2021, midnight |
| Registration Date | Oct. 12, 2023, 4:22 p.m. |
| Last Update | Oct. 12, 2023, 4:22 p.m. |
| レッドハット |
| build of Quarkus 2.0 以上 2.7 未満 |
| codeready linux builder |
| Red Hat Developer Tools 1.0 |
| Red Hat Enterprise Linux 6.0 |
| Red Hat Enterprise Linux 7.0 |
| Red Hat Enterprise Linux 8.0 |
| Red Hat Enterprise Linux 8.6 |
| Red Hat Enterprise Linux AUS 8.6 |
| Red Hat Enterprise Linux for IBM z Systems 8.0 |
| Red Hat Enterprise Linux for IBM z Systems 8.6 |
| Red Hat Enterprise Linux for Power Little Endian Update Services for SAP Solutions 8.6 |
| Red Hat Enterprise Linux for Power, little endian 8.0 |
| Red Hat Enterprise Linux for Power, little endian 8.6 |
| Red Hat Enterprise Linux for Real Time 8 |
| Red Hat Enterprise Linux for Real Time 8.6 |
| Red Hat Enterprise Linux for Real Time for NFV 8 |
| Red Hat Enterprise Linux for Real Time for NFV 8.6 |
| Red Hat Enterprise Linux Server 8.6 |
| Red Hat Enterprise Linux Server TUS 8.6 |
| Red Hat OpenShift Container Platform 4.6 |
| Red Hat OpenShift Container Platform 4.7 |
| Red Hat OpenShift Container Platform 4.9 |
| Red Hat Virtualization Host 4.0 |
| IBM |
| IBM Spectrum Copy Data Management 2.2.0.0 から 2.2.15.0 |
| IBM Spectrum Protect Plus 10.1.0 から 10.1.10.2 |
| Debian |
| Debian GNU/Linux 10.0 |
| Debian GNU/Linux 11.0 |
| Fedora Project |
| Fedora 34 |
| Linux |
| Linux Kernel |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2023年10月12日] 掲載 |
Oct. 12, 2023, 4:22 p.m. |