Denial of Service Vulnerability in Linux Kernel's SAS SCSI Host Driver

Denial of Service Vulnerability in Linux Kernel's SAS SCSI Host Driver

CVE-2018-10021 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. NOTE: a third party disputes the relevance of this report because the failure can only occur for physically proximate attackers who unplug SAS Host Bus Adapter cables

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.