what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2014-8086

Status Candidate

Overview

Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.

Related Files

Red Hat Security Advisory 2015-0694-01
Posted Mar 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0694-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system.

tags | advisory, remote, kernel, local
systems | linux, redhat
advisories | CVE-2014-7822, CVE-2014-8086, CVE-2014-8172, CVE-2014-8173, CVE-2015-0274
SHA-256 | 0e711acf0df6e837643b849c9bb486ba31ff24ef22e412c4d7f4581de627ee57
Red Hat Security Advisory 2015-0290-01
Posted Mar 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0290-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause denial of service on the system.

tags | advisory, remote, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2014-3690, CVE-2014-3940, CVE-2014-7825, CVE-2014-7826, CVE-2014-8086, CVE-2014-8160, CVE-2014-8172, CVE-2014-8173, CVE-2014-8709, CVE-2014-8884, CVE-2015-0274
SHA-256 | 1aebc78eb21f1a9fa9c0602f7e6c1ee22261ff3e5cb9a63185775754015e6f78
Ubuntu Security Notice USN-2448-2
Posted Dec 20, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2448-2 - USN-2448-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update fixes the problem. An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace subsystem of the Linux kernel does not properly handle private syscall numbers. A local user could exploit this flaw to cause a denial of service (OOPS). A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-7825, CVE-2014-7826, CVE-2014-7970, CVE-2014-8086, CVE-2014-8134, CVE-2014-8369, CVE-2014-9090
SHA-256 | c47545b18e641e882b45a3c426edabfd912ad269d8872340a45d7660ebe5e154
Ubuntu Security Notice USN-2447-2
Posted Dec 20, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2447-2 - USN-2447-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update fixes the problem. An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace subsystem of the Linux kernel does not properly handle private syscall numbers. A local user could exploit this flaw to cause a denial of service (OOPS). A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control Transmission Protocol) implementation in the Linux kernel was discovered. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-7825, CVE-2014-7826, CVE-2014-7970, CVE-2014-8086, CVE-2014-8134, CVE-2014-8369, CVE-2014-9090
SHA-256 | 48836bea6415674b21cc9d2e67d419022278c5cdd948c6b798dbc7a87a1e15be
Ubuntu Security Notice USN-2448-1
Posted Dec 12, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2448-1 - An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace subsystem of the Linux kernel does not properly handle private syscall numbers. A local user could exploit this flaw to cause a denial of service (OOPS). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-7825, CVE-2014-7826, CVE-2014-7970, CVE-2014-8086, CVE-2014-8134, CVE-2014-8369, CVE-2014-9090
SHA-256 | cc26cddcf990c6e4806b8a2830ba32c515f3b08214bf8c6381b965ed04395de6
Ubuntu Security Notice USN-2447-1
Posted Dec 12, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2447-1 - An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel. Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace subsystem of the Linux kernel does not properly handle private syscall numbers. A local user could exploit this flaw to cause a denial of service (OOPS). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-7825, CVE-2014-7826, CVE-2014-7970, CVE-2014-8086, CVE-2014-8134, CVE-2014-8369, CVE-2014-9090
SHA-256 | df1d53cc9704187a3bff3f08f70b26ee26d8e4cf0a0fd71fa2bd5ced9530d3d6
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    20 Files
  • 31
    Jan 31st
    31 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close