First published: Fri Sep 17 2021(Updated: )
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:4.18.0-348.2.1.rt7.132.el8_5 | 0:4.18.0-348.2.1.rt7.132.el8_5 |
redhat/kernel | <0:4.18.0-348.2.1.el8_5 | 0:4.18.0-348.2.1.el8_5 |
redhat/kernel-rt | <0:4.18.0-193.70.1.rt13.120.el8_2 | 0:4.18.0-193.70.1.rt13.120.el8_2 |
redhat/kernel | <0:4.18.0-193.70.1.el8_2 | 0:4.18.0-193.70.1.el8_2 |
redhat/kernel-rt | <0:4.18.0-305.28.1.rt7.100.el8_4 | 0:4.18.0-305.28.1.rt7.100.el8_4 |
redhat/kernel | <0:4.18.0-305.28.1.el8_4 | 0:4.18.0-305.28.1.el8_4 |
Linux Linux kernel | <5.4 | |
Linux Linux kernel | =5.4 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
redhat/Linux Kernel | <5.4 | 5.4 |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
In order to mitigate this issue, it is possible to prevent the affected code by loading the kvm module with "pi_inject_timer=0" parameter. ~~~ rmmod kvm_intel kvm modprobe kvm pi_inject_timer=0 modprobe kvm_intel ~~~
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)