CVE-2016-8660

Опубликовано: 13 окт. 2016

Источник: redhat

CVSS3: 5.5

CVSS2: 4.7

EPSS Низкий

Описание

The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data implementation."

The XFS subsystem in the Linux kernel 4.4 and later allows local users to cause a denial of service (fdatasync() failure and system hang) by using the vfs syscall group in the 'trinity' program, as a result of a page lock order bug in the XFS seek hole/data implementation.

Отчет

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2 as the code with the flaw is not present in the products listed.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-667

https://bugzilla.redhat.com/show_bug.cgi?id=1384851kernel: xfs: local DoS due to a page lock order bug in the XFS seek hole/data implementation

EPSS

Процентиль: 30%

0.0011

Низкий

5.5 Medium

CVSS3

4.7 Medium

CVSS2

Связанные уязвимости

CVE-2016-8660

CVSS3: 5.5

ubuntu

больше 9 лет назад

CVE-2016-8660

CVSS3: 5.5

nvd

больше 9 лет назад

CVE-2016-8660

CVSS3: 5.5

debian

больше 9 лет назад

The XFS subsystem in the Linux kernel through 4.8.2 allows local users ...

GHSA-xh6w-jrm8-9v99

CVSS3: 5.5

github

больше 3 лет назад

EPSS

Процентиль: 30%

0.0011

Низкий

5.5 Medium

CVSS3

4.7 Medium

CVSS2