Denial of Service Vulnerability in Linux Kernel's Serial Attached SCSI (SAS) Implementation

Denial of Service Vulnerability in Linux Kernel's Serial Attached SCSI (SAS) Implementation

CVE-2017-18232 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.