A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 5.14 (excluding) |
Linux_kernel | Linux | 5.14 (including) | 5.14 (including) |
Linux_kernel | Linux | 5.14-rc1 (including) | 5.14-rc1 (including) |
Linux_kernel | Linux | 5.14-rc2 (including) | 5.14-rc2 (including) |