The CFS Linux kernel scheduler mishandles handling of leaf cfs_rq's in the kernel/sched/fair.c code, which allows a local unprivileged attacker to cause a denial of service (DoS) by entiring the infinite loop in update_blocked_averages() function by inducing a high load on a system. Due to the nature of the flaw, a remote network attack (by initiating a magnitude of remote requests) cannot be fully ruled out, although we believe it is unlikely. References: https://lore.kernel.org/lkml/1545879866-27809-1-git-send-email-xiexiuqi@huawei.com/T/#u An upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c40f7d74c741a907cfaeb73a7697081881c497d0
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1680544]
This was fixed for Fedora with the 4.20 stable rebases.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1959 https://access.redhat.com/errata/RHSA-2019:1959
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1971 https://access.redhat.com/errata/RHSA-2019:1971
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-20784