[v2.5] kernel: ext4 race condition (CVE-2014-8086)
Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.
•MLIST:[linux-ext4] 20141009 [PATCH] add aio/dio regression test
race between write and fcntl
•URL: http://www.spinics.net/lists/linux-ext4/msg45685.html
•MLIST:[linux-ext4] 20141009 [PATCH] ext4: fix race between write
and fcntl(F_SETFL)
•URL: http://www.spinics.net/lists/linux-ext4/msg45683.html
•MLIST:[linux-kernel] 20141008 ext4: kernel BUG at
fs/ext4/inode.c:2959!
•URL: https://lkml.org/lkml/2014/10/8/545
•MLIST:[linux-kernel] 20141009 Re: ext4: kernel BUG at
fs/ext4/inode.c:2959!
•URL: https://lkml.org/lkml/2014/10/9/129
•MLIST:[oss-security] 20141009 CVE-2014-8086 - Linux kernel ext4 race
condition
•URL: http://www.openwall.com/lists/oss-security/2014/10/09/25
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1151353
•BID:70376
•URL: http://www.securityfocus.com/bid/70376
•XF:linux-kernel-cve20148086-dos(96922)
•URL: http://xforce.iss.net/xforce/xfdb/96922
•COMMIT:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a41537e69b4aa43f0fea02498c2595a81267383b
(from redmine: issue id 3514, created on 2014-11-12, closed on 2015-05-07)
- Relations:
- parent #3513