The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Linux kernel: overload via set_memory_region_test

Synthesis of the vulnerability 

An attacker can trigger an overload via set_memory_region_test() of the Linux kernel, in order to trigger a denial of service.
Vulnerable products: Linux, openSUSE Leap, SLES.
Severity of this weakness: 1/4.
Creation date: 16/04/2021.
Références of this bulletin: CERTFR-2021-AVI-278, CERTFR-2021-AVI-284, CERTFR-2021-AVI-302, CVE-2020-36310, openSUSE-SU-2021:0579-1, SUSE-SU-2021:1211-1, SUSE-SU-2021:1238-1, SUSE-SU-2021:1301-1, VIGILANCE-VUL-35094.

Description of the vulnerability 

An attacker can trigger an overload via set_memory_region_test() of the Linux kernel, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This security announce impacts software or systems such as Linux, openSUSE Leap, SLES.

Our Vigil@nce team determined that the severity of this threat is low.

The trust level is of type confirmed by the editor, with an origin of user shell.

An attacker with a expert ability can exploit this computer vulnerability announce.

Solutions for this threat 

Linux kernel: patch for set_memory_region_test.
A patch is indicated in information sources.

openSUSE Leap 15.2: new kernel packages.
New packages are available:
  openSUSE Leap 15.2: kernel 5.3.18-lp152.72.1

SUSE LE 15 SP2: new kernel-azure packages.
New packages are available:
  SUSE LE 15 SP2: kernel-azure 5.3.18-18.44.1

SUSE LE 15 SP2: new kernel packages.
New packages are available:
  SUSE LE 15 SP2: kernel 5.3.18-24.61.1

SUSE LE 15 SP2: new kernel-rt packages.
New packages are available:
  SUSE LE 15 SP2: kernel-rt 5.3.18-33.1
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a system vulnerability note. The Vigil@nce vulnerability database contains several thousand vulnerabilities.