5.5

CVE-2015-8952

EPSS 0.08%
Published 16.10.2016 21:59:01
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba.

Affected products Warnungen 0 Metrics 3 CWE 0 References 16

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 4.5.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.202

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:N/A:P

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82939d7999dfc1f1998c4b1c12e2f19edbdff272

Patch

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be0726d33cb8f411945884664924bed3cb8c70ee

Patch

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9a61eb4e2471c56a63cd804c7474128138c38ac

Patch

http://www.openwall.com/lists/oss-security/2016/08/22/2

Third Party Advisory

http://www.openwall.com/lists/oss-security/2016/08/25/4

Patch

Third Party Advisory

https://bugzilla.kernel.org/show_bug.cgi?id=107301

Third Party Advisory

Issue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=1360968

Third Party Advisory

VDB Entry

Issue Tracking

https://github.com/torvalds/linux/commit/82939d7999dfc1f1998c4b1c12e2f19edbdff272

Vendor Advisory

https://github.com/torvalds/linux/commit/be0726d33cb8f411945884664924bed3cb8c70ee

Patch

Issue Tracking

https://github.com/torvalds/linux/commit/f9a61eb4e2471c56a63cd804c7474128138c38ac

Issue Tracking

https://lwn.net/Articles/668718/

Third Party Advisory

https://usn.ubuntu.com/3582-1/

https://usn.ubuntu.com/3582-2/

https://nvd.nist.gov/vuln/detail/CVE-2015-8952

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-8952

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-8952

EUVD