• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Note 1687910 - Potential denial of service in DIAG Processor

Главная Специалистам База уязвимостей Note 1687910 - Potential denial of service in DIAG Processor

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1687910-3) SAP Support Packages (SAP_KERNEL_640_32_BIT_SP413_000413, SAP_KERNEL_640_32_BIT_SP999999_999999, SAP_KERNEL_640_32_BIT_UNICODE_SP413_000413, SAP_KERNEL_640_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_640_64_BIT_SP413_000413, SAP_KERNEL_640_64_BIT_SP999999_999999, SAP_KERNEL_640_64_BIT_UNICODE_SP413_000413, SAP_KERNEL_640_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_640_EX2_32_BIT_SP413_000413, SAP_KERNEL_640_EX2_32_BIT_SP999999_999999, SAP_KERNEL_640_EX2_32_BIT_UC_SP413_000413, SAP_KERNEL_640_EX2_32_BIT_UC_SP999999_999999, SAP_KERNEL_640_EX2_64_BIT_SP413_000413, SAP_KERNEL_640_EX2_64_BIT_SP999999_999999, SAP_KERNEL_640_EX2_64_BIT_UC_SP413_000413, SAP_KERNEL_640_EX2_64_BIT_UC_SP999999_999999, SAP_KERNEL_720_32_BIT_SP317_000317, SAP_KERNEL_720_32_BIT_SP999999_999999, SAP_KERNEL_720_32_BIT_UNICODE_SP317_000317, SAP_KERNEL_720_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_720_64_BIT_SP317_000317, SAP_KERNEL_720_64_BIT_SP999999_999999, SAP_KERNEL_720_64_BIT_UNICODE_SP317_000317, SAP_KERNEL_720_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_721_32_BIT_SP027_000027, SAP_KERNEL_721_32_BIT_SP999999_999999, SAP_KERNEL_721_32_BIT_UNICODE_SP027_000027, SAP_KERNEL_721_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_721_64_BIT_SP027_000027, SAP_KERNEL_721_64_BIT_SP999999_999999, SAP_KERNEL_721_64_BIT_UNICODE_SP027_000027, SAP_KERNEL_721_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_721_EXT_32_BIT_SP027_000027, SAP_KERNEL_721_EXT_32_BIT_SP999999_999999, SAP_KERNEL_721_EXT_32_BIT_UC_SP027_000027, SAP_KERNEL_721_EXT_32_BIT_UC_SP999999_999999, SAP_KERNEL_721_EXT_64_BIT_SP027_000027, SAP_KERNEL_721_EXT_64_BIT_SP999999_999999, SAP_KERNEL_721_EXT_64_BIT_UC_SP027_000027, SAP_KERNEL_721_EXT_64_BIT_UC_SP999999_999999)
Описание
The problem is caused by a resource exhaustion condition. An attackercan launch a specifically crafted request that causes the process to  consume excessive resources. As a result, no other processes can  allocate new resources, rendering the system unavailable. This condition  can be intentionally provoked by an attacker to cause a denial of service.
Как исправить
Please apply the patch level of the SAP kernel (disp+work) mentioned in this note at least.For the installation of the downward compatible kernel (DCK) release 7.20 see SAP note 1636252 for details.
Ссылки