Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-8172

Опубликовано: 09 нояб. 2013
Источник: redhat
CVSS2: 4.9
EPSS Низкий

Описание

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service (soft lockup or system crash) via unspecified use of Asynchronous I/O (AIO) operations.

It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system.

Отчет

This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and 6.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 7kernelFixedRHSA-2015:029005.03.2015
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2015:069417.03.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1198503kernel: soft lockup on aio

EPSS

Процентиль: 28%
0.00096
Низкий

4.9 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-8172

ubuntu
больше 10 лет назад

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service (soft lockup or system crash) via unspecified use of Asynchronous I/O (AIO) operations.

nvd логотип

CVE-2014-8172

nvd
больше 10 лет назад

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service (soft lockup or system crash) via unspecified use of Asynchronous I/O (AIO) operations.

debian логотип

CVE-2014-8172

debian
больше 10 лет назад

The filesystem implementation in the Linux kernel before 3.13 performs ...

github логотип

GHSA-f8hg-rhq8-h2gr

github
около 3 лет назад

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service (soft lockup or system crash) via unspecified use of Asynchronous I/O (AIO) operations.

oracle-oval логотип

ELSA-2015-0290

oracle-oval
больше 10 лет назад

ELSA-2015-0290: kernel security, bug fix, and enhancement update (IMPORTANT)

EPSS

Процентиль: 28%
0.00096
Низкий

4.9 Medium

CVSS2