CVE-2014-8086

Exploit

EPSS 0.04%
Veröffentlicht 13.10.2014 10:55:09
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 14

NVD 2 VulnDex Vulnerability Enrichment 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 3.17

Suse ≫ Suse Linux Enterprise Server Version11 Updatesp2 SwEditionltss

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.069

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.7	1	3.6	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.7	3.4	6.9	AV:L/AC:M/Au:N/C:N/I:N/A:C

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

http://rhn.redhat.com/errata/RHSA-2015-0290.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html

Third Party Advisory

Mailing List

http://rhn.redhat.com/errata/RHSA-2015-0694.html

Third Party Advisory

http://www.openwall.com/lists/oss-security/2014/10/09/25

Third Party Advisory

Mailing List

http://www.securityfocus.com/bid/70376

Third Party Advisory