CVE-2014-8559

Опубликовано: 25 окт. 2014

Источник: redhat

CVSS2: 4

EPSS Низкий

Описание

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system.

Отчет

This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. This issue affects the version of the kernel package as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2. Future kernel updates for the respective releases may address this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Fixed	RHSA-2015:1977	03.11.2015
Red Hat Enterprise Linux 7	kernel	Fixed	RHSA-2015:1978	03.11.2015
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2015:1976	03.11.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1159313kernel: fs: deadlock due to incorrect usage of rename_lock

EPSS

Процентиль: 17%

0.00055

Низкий

4 Medium

CVSS2

Связанные уязвимости

CVE-2014-8559

CVSS3: 5.5

ubuntu

больше 10 лет назад

CVE-2014-8559

CVSS3: 5.5

nvd

больше 10 лет назад

CVE-2014-8559

CVSS3: 5.5

debian

больше 10 лет назад

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 ...

GHSA-qfrw-q7qp-v27x

CVSS3: 5.5

github

около 3 лет назад

ELSA-2015-1978

oracle-oval

больше 9 лет назад

ELSA-2015-1978: kernel security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 17%

0.00055

Низкий

4 Medium

CVSS2