CVE-2014-8172

EPSS 0.1%
Veröffentlicht 16.03.2015 10:59:02
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service (soft lockup or system crash) via unspecified use of Asynchronous I/O (AIO) operations.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 3.12.17

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.283

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

http://rhn.redhat.com/errata/RHSA-2015-0290.html

http://rhn.redhat.com/errata/RHSA-2015-0694.html

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eee5cc2702929fd41cce28058dc6d6717f723f87

http://www.openwall.com/lists/oss-security/2015/03/09/3

https://bugzilla.redhat.com/show_bug.cgi?id=1198503

https://github.com/torvalds/linux/commit/eee5cc2702929fd41cce28058dc6d6717f723f87

https://nvd.nist.gov/vuln/detail/CVE-2014-8172

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-8172

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-8172

EUVD