|
|
Log in / Subscribe / Register

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2014-8172 CVE-2014-8173 CVE-2015-0274
Created:March 6, 2015 Updated:March 11, 2015
Description:

From the Red Hat advisory:

A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. (CVE-2015-0274)

It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8172)

A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8173)

Alerts:
openSUSE openSUSE-SU-2015:0714-1 kernel 2015-04-13
Scientific Linux SLSA-2015:0290-1 kernel 2015-03-25
Ubuntu USN-2543-1 linux-lts-trusty 2015-03-24
Ubuntu USN-2544-1 kernel 2015-03-24
Oracle ELSA-2015-3012 kernel 2015-03-19
Oracle ELSA-2015-3012 kernel 2015-03-19
Red Hat RHSA-2015:0694-01 kernel-rt 2015-03-17
Red Hat RHSA-2015:0290-01 kernel 2015-03-05
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds