A flaw was found in the Linux kernels scheduler which can allow attackers to cause a denial of service against non-CPU-bound applications by generating a workload that triggers unwanted scheduling slice expiration. A local attacker who is able to trigger a specific workload type could abuse this technique to trigger a system to be seen as 'degraded' and possibly trigger workload-rebalance in systems that use slice-expiration metric as a measure of system health. Reference: https://github.com/kubernetes/kubernetes/issues/67577 Reference and upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1792513]
This was fixed for Fedora with the 5.3.9 stable kernel update.
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:1493 https://access.redhat.com/errata/RHSA-2020:1493
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-19922
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:1567 https://access.redhat.com/errata/RHSA-2020:1567
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:1769 https://access.redhat.com/errata/RHSA-2020:1769