News
Vigil@nce: Linux kernel, denial of service via hvc_console
March 2010 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
A local attacker can use virtio_console, in order to generate a denial of service in hvc_console.
Severity: 1/4
Consequences: denial of service of computer
Provenance: user shell
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 05/03/2010
IMPACTED PRODUCTS
Linux kernel
DESCRIPTION OF THE VULNERABILITY
The drivers/char/hvc_console.c file implements the support of HyperVisor Console. This driver is used by the virtio_console.
However, this driver does not manages simultaneous close (hvc_close()) and remove (hvc_remove()) operations.
A local attacker can therefore simultaneously request a resource close and remove, in order to generate a denial of service.
CHARACTERISTICS
Identifiers: BID-38537, VIGILANCE-VUL-9498
