Rewterz Threat Alert – IAmTheKing and the SlothfulMedia Malware – IoCs
October 19, 2020Rewterz Threat Advisory – Node.js npm-user-validate module denial of service
October 20, 2020Rewterz Threat Alert – IAmTheKing and the SlothfulMedia Malware – IoCs
October 19, 2020Rewterz Threat Advisory – Node.js npm-user-validate module denial of service
October 20, 2020Severity
Medium
Analysis Summary
Linux Kernel is vulnerable to a denial of service, caused by the mishandling of bounds tracking in the scalar32_min_max_or function in kernel/bpf/verifier.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
Impact
Denial of service
Affected Vendors
Linux
Affected Products
Linux Kernel 5.8.0
Remediation
Upgrade to the latest version of Linux Kernel (5.8.15 or later).