Rewterz Threat Advisory – Node.js loadyaml module security bypass
October 5, 2020Rewterz Threat Alert – Latest Trickbot IOCs
October 5, 2020Rewterz Threat Advisory – Node.js loadyaml module security bypass
October 5, 2020Rewterz Threat Alert – Latest Trickbot IOCs
October 5, 2020Severity
Medium
Analysis Summary
CVE-2020-25641
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the biovec usage implementation. By sending a zero-length biovec request to the block subsystem, a local attacker could exploit this vulnerability to cause the kernel to enter an infinite loop.
Impact
Denial of service
Affected Vendors
Linux
Affected Products
Linux Kernel 4.10
Remediation
Refer to vendor advisory for the complete list of affected products and respective patches.