Main Vulnerability Database SB2024070182

SB2024070182 - Resource management error in Linux kernel x86 entry

Published: July 1, 2024 Updated: May 13, 2025

Security Bulletin ID SB2024070182

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2021-4440)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the SYM_CODE_START() function in arch/x86/xen/xen-asm.S, within the native_patch() function in arch/x86/kernel/paravirt_patch.c, within the paravirt_patch_default() and native_steal_clock() functions in arch/x86/kernel/paravirt.c, within the main() function in arch/x86/kernel/asm-offsets_64.c, within the SYM_INNER_LABEL() and SYM_CODE_END() functions in arch/x86/entry/entry_64.S. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

SB2024070182 - Resource management error in Linux kernel x86 entry

Breakdown by Severity

Description

Remediation

References

Please verify you're human