Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8172

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2014-8172
Last Modified 23 Mar 2015 10:00:32
Published 16 Mar 2015 06:59:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-8172

Summary

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service (soft lockup or system crash) via unspecified use of Asynchronous I/O (AIO) operations.

Vulnerable Systems

Operating System

  • Linux Kernel 3.12.17


References

CONFIRM - https://github.com/torvalds/linux/commit/eee5cc2702929fd41cce28058dc6d6717f723f87

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1198503

MLIST - [oss-security] 20150309 CVE-2014-8172

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eee5cc2702929fd41cce28058dc6d6717f723f87

REDHAT - RHSA-2015:0290

REDHAT - RHSA-2015:0694


Last Updated: 27 May 2016 11:08:08