Denial of Service Vulnerability in arch_timer_reg_read_stable Macro

CVE-2017-18261 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace, PREEMPT_TRACER, and FUNCTION_GRAPH_TRACER.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.