CVE-2018-20784
published 2019-02-22CVE-2018-20784: In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | linux | < linux 4.19.16-1 (bookworm) | linux 4.19.16-1 (bookworm) |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 4.19.16-1 | 4.19.16-1 |
| linux | linux_kernel | >= 0 < 4.19.16-1 | 4.19.16-1 |
| linux | linux_kernel | >= 0 < 4.19.16-1 | 4.19.16-1 |
| linux | linux_kernel | >= 0 < 4.19.16-1 | 4.19.16-1 |
| linux | linux_kernel | >= 0 < 4.4.0-170.199 | 4.4.0-170.199 |
| linux | linux_kernel | >= 0 < 4.15.0-62.69 | 4.15.0-62.69 |
| linux | linux_kernel | >= 0 < 4.15.0-60.67 | 4.15.0-60.67 |
| linux | linux_kernel | >= 4.13 < 4.14.93 | 4.14.93 |
| linux | linux_kernel | >= 4.19 < 4.19.15 | 4.19.15 |
| linux | linux_kernel | >= 4.20 < 4.20.2 | 4.20.2 |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_for_real_time | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL