Описание
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.
A flaw was found in the way the Linux kernel's ext4 file system handled the "page size > block size" condition when the fallocate zero range functionality was used. A local attacker could use this flaw to crash the system.
Отчет
This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This issue does affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2. Future updates in the respective releases may address this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2015:1788 | 15.09.2015 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2015:1778 | 15.09.2015 |
| Red Hat Enterprise MRG 2 | kernel-rt | Fixed | RHSA-2015:1787 | 15.09.2015 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.7 Medium
CVSS2
Связанные уязвимости
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel ...
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.
ELSA-2015-1778: kernel security and bug fix update (IMPORTANT)
EPSS
4.7 Medium
CVSS2