Vulnerabilities > CVE-2020-27152 - Infinite Loop vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://www.openwall.com/lists/oss-security/2020/11/03/1
- http://www.openwall.com/lists/oss-security/2020/11/03/1
- https://bugzilla.kernel.org/show_bug.cgi?id=208767
- https://bugzilla.kernel.org/show_bug.cgi?id=208767
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.2
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.2
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77377064c3a94911339f13ce113b3abf265e06da
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77377064c3a94911339f13ce113b3abf265e06da