CVE-2014-8086 — Race Condition in Kernel

CWE-362 — Race Condition10 documents8 sources

Severity

4.7MEDIUMNVD

EPSS

0.0%

top 89.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Suse Linux Enterprise Server

Timeline

PublishedOct 13

Latest updateMay 13

Description

Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages3 packages

▶Debianlinux/linux_kernel< 3.16.7-ckt2-1+3

▶NVDlinux/linux_kernel3.17

▶NVDsuse/suse_linux_enterprise_server11

Patches

Patch: www.spinics.net ↗Patch: bugzilla.redhat.com ↗Patch: www.spinics.net ↗

🔴Vulnerability Details

GHSA

GHSA-9jxp-4r84-xf98: Race condition in the ext4_file_write_iter function in fs/ext4/file↗2022-05-13

▶

OSV

CVE-2014-8086: Race condition in the ext4_file_write_iter function in fs/ext4/file↗2014-10-13

▶

CVEList

CVE-2014-8086: Race condition in the ext4_file_write_iter function in fs/ext4/file↗2014-10-13

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Utopic HWE) vulnerabilities↗2014-12-12

▶

Ubuntu

Linux kernel vulnerabilities↗2014-12-12

▶

Red Hat

Kernel: fs: ext4 race condition↗2014-10-09

▶

Debian

CVE-2014-8086: linux - Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Lin...↗2014

▶

💬Community

Bugzilla

CVE-2014-8086 Kernel: fs: ext4 race condition [fedora-all]↗2014-10-14

▶

Bugzilla

CVE-2014-8086 Kernel: fs: ext4 race condition↗2014-10-10

▶