4.9

CVE-2014-7283

Exploit
The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.14.2
RedhatMrg Realtime Version2.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.55% 0.414
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c88547a8119e3b581318ab65e9b72f27f23e641d
http://marc.info/?l=linux-xfs&m=139590613002926&w=2
Third Party Advisory
Exploit
http://rhn.redhat.com/errata/RHSA-2014-1943.html
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.2
Vendor Advisory
Release Notes
http://www.openwall.com/lists/oss-security/2014/10/01/29
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/70261
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1148777
Patch
Third Party Advisory
Exploit
Issue Tracking
https://github.com/torvalds/linux/commit/c88547a8119e3b581318ab65e9b72f27f23e641d
Patch
Third Party Advisory
Exploit