4.9
CVE-2014-7283
- EPSS 0.55%
- Veröffentlicht 13.10.2014 10:55:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 3.14.2
Redhat ≫ Mrg Realtime Version2.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.55% | 0.414 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c88547a8119e3b581318ab65e9b72f27f23e641d
http://marc.info/?l=linux-xfs&m=139590613002926&w=2
http://rhn.redhat.com/errata/RHSA-2014-1943.html
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.2
http://www.openwall.com/lists/oss-security/2014/10/01/29
http://www.securityfocus.com/bid/70261
https://bugzilla.redhat.com/show_bug.cgi?id=1148777
https://github.com/torvalds/linux/commit/c88547a8119e3b581318ab65e9b72f27f23e641d