CVE-2014-7283
published 2014-10-13CVE-2014-7283: The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash…
medium4.9CVSS 3.1
AVLACLAuNCNINAC
The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 3.16.2-1 (bookworm) | linux 3.16.2-1 (bookworm) |
| linux | linux_kernel | < 3.14.2 | 3.14.2 |
| linux | linux_kernel | >= 0 < 3.16.2-1 | 3.16.2-1 |
| linux | linux_kernel | >= 0 < 3.16.2-1 | 3.16.2-1 |
| linux | linux_kernel | >= 0 < 3.16.2-1 | 3.16.2-1 |
| linux | linux_kernel | >= 0 < 3.16.2-1 | 3.16.2-1 |
| linux | linux_kernel | >= 0 < 3.13.0-27.50 | 3.13.0-27.50 |
| redhat | mrg_realtime | — | — |
CVSS provenance
nvd4.9MEDIUMAV:L/AC:L/Au:N/C:N/I:N/A:C
osv5.5MEDIUM