Vulnerability-Lookup

CVE-2014-8559 (GCVE-0-2014-8559)

Vulnerability from cvelistv5 – Published: 2014-11-10 11:00 – Updated: 2024-08-06 13:18

Summary

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

31 references

URL	Tags
https://lkml.org/lkml/2014/10/26/116	mailing-listx_refsource_MLIST
http://www.ubuntu.com/usn/USN-2515-1	vendor-advisoryx_refsource_UBUNTU
https://lkml.org/lkml/2014/10/26/101	mailing-listx_refsource_MLIST
http://www.debian.org/security/2015/dsa-3170	vendor-advisoryx_refsource_DEBIAN
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.ubuntu.com/usn/USN-2492-1	vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2015-1978.html	vendor-advisoryx_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2014/10/30/7	mailing-listx_refsource_MLIST
http://secunia.com/advisories/62801	third-party-advisoryx_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2015-1976.html	vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://lkml.org/lkml/2014/10/26/128	mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/70854	vdb-entryx_refsource_BID
https://lkml.org/lkml/2014/10/25/179	mailing-listx_refsource_MLIST
http://www.ubuntu.com/usn/USN-2518-1	vendor-advisoryx_refsource_UBUNTU
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://git.kernel.org/cgit/linux/kernel/git/torv…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://lkml.org/lkml/2014/10/26/129	mailing-listx_refsource_MLIST
http://www.ubuntu.com/usn/USN-2493-1	vendor-advisoryx_refsource_UBUNTU
http://www.securitytracker.com/id/1034051	vdb-entryx_refsource_SECTRACK
https://git.kernel.org/cgit/linux/kernel/git/torv…	x_refsource_CONFIRM
https://lkml.org/lkml/2014/10/25/180	mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.ubuntu.com/usn/USN-2517-1	vendor-advisoryx_refsource_UBUNTU
https://lkml.org/lkml/2014/10/25/171	mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.ubuntu.com/usn/USN-2516-1	vendor-advisoryx_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=1159313	x_refsource_CONFIRM
https://support.f5.com/csp/article/K05211147	x_refsource_CONFIRM

Date Public ?

2014-10-25 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:18:48.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2014/10/26/116"
          },
          {
            "name": "USN-2515-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2515-1"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2014/10/26/101"
          },
          {
            "name": "DSA-3170",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3170"
          },
          {
            "name": "SUSE-SU-2015:0736",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
          },
          {
            "name": "USN-2492-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2492-1"
          },
          {
            "name": "RHSA-2015:1978",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1978.html"
          },
          {
            "name": "[oss-security] 20141030 CVE-2014-8559 - Linux kernel fs/dcache.c incorrect use of rename_lock",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/10/30/7"
          },
          {
            "name": "62801",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62801"
          },
          {
            "name": "RHSA-2015:1976",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1976.html"
          },
          {
            "name": "SUSE-SU-2015:0178",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2014/10/26/128"
          },
          {
            "name": "70854",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70854"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2014/10/25/179"
          },
          {
            "name": "USN-2518-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2518-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "SUSE-SU-2015:0481",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10"
          },
          {
            "name": "openSUSE-SU-2015:0566",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2014/10/26/129"
          },
          {
            "name": "USN-2493-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2493-1"
          },
          {
            "name": "1034051",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034051"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2014/10/25/180"
          },
          {
            "name": "SUSE-SU-2015:0529",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
          },
          {
            "name": "USN-2517-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2517-1"
          },
          {
            "name": "[linux-kernel] 20141025 fs: lockup on rename_mutex in fs/dcache.c:1035",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2014/10/25/171"
          },
          {
            "name": "openSUSE-SU-2015:0714",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
          },
          {
            "name": "USN-2516-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2516-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K05211147"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-08T19:06:05.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2014/10/26/116"
        },
        {
          "name": "USN-2515-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2515-1"
        },
        {
          "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2014/10/26/101"
        },
        {
          "name": "DSA-3170",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3170"
        },
        {
          "name": "SUSE-SU-2015:0736",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
        },
        {
          "name": "USN-2492-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2492-1"
        },
        {
          "name": "RHSA-2015:1978",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1978.html"
        },
        {
          "name": "[oss-security] 20141030 CVE-2014-8559 - Linux kernel fs/dcache.c incorrect use of rename_lock",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/10/30/7"
        },
        {
          "name": "62801",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62801"
        },
        {
          "name": "RHSA-2015:1976",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1976.html"
        },
        {
          "name": "SUSE-SU-2015:0178",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
        },
        {
          "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2014/10/26/128"
        },
        {
          "name": "70854",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70854"
        },
        {
          "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2014/10/25/179"
        },
        {
          "name": "USN-2518-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2518-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
        },
        {
          "name": "SUSE-SU-2015:0481",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10"
        },
        {
          "name": "openSUSE-SU-2015:0566",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
        },
        {
          "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2014/10/26/129"
        },
        {
          "name": "USN-2493-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2493-1"
        },
        {
          "name": "1034051",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034051"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28"
        },
        {
          "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2014/10/25/180"
        },
        {
          "name": "SUSE-SU-2015:0529",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
        },
        {
          "name": "USN-2517-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2517-1"
        },
        {
          "name": "[linux-kernel] 20141025 fs: lockup on rename_mutex in fs/dcache.c:1035",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2014/10/25/171"
        },
        {
          "name": "openSUSE-SU-2015:0714",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
        },
        {
          "name": "USN-2516-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2516-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K05211147"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8559",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2014/10/26/116"
            },
            {
              "name": "USN-2515-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2515-1"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2014/10/26/101"
            },
            {
              "name": "DSA-3170",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3170"
            },
            {
              "name": "SUSE-SU-2015:0736",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
            },
            {
              "name": "USN-2492-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2492-1"
            },
            {
              "name": "RHSA-2015:1978",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1978.html"
            },
            {
              "name": "[oss-security] 20141030 CVE-2014-8559 - Linux kernel fs/dcache.c incorrect use of rename_lock",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/10/30/7"
            },
            {
              "name": "62801",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62801"
            },
            {
              "name": "RHSA-2015:1976",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1976.html"
            },
            {
              "name": "SUSE-SU-2015:0178",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2014/10/26/128"
            },
            {
              "name": "70854",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70854"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2014/10/25/179"
            },
            {
              "name": "USN-2518-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2518-1"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
            },
            {
              "name": "SUSE-SU-2015:0481",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
            },
            {
              "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10"
            },
            {
              "name": "openSUSE-SU-2015:0566",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2014/10/26/129"
            },
            {
              "name": "USN-2493-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2493-1"
            },
            {
              "name": "1034051",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034051"
            },
            {
              "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2014/10/25/180"
            },
            {
              "name": "SUSE-SU-2015:0529",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
            },
            {
              "name": "USN-2517-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2517-1"
            },
            {
              "name": "[linux-kernel] 20141025 fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2014/10/25/171"
            },
            {
              "name": "openSUSE-SU-2015:0714",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
            },
            {
              "name": "USN-2516-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2516-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
            },
            {
              "name": "https://support.f5.com/csp/article/K05211147",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K05211147"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8559",
    "datePublished": "2014-11-10T11:00:00.000Z",
    "dateReserved": "2014-10-30T00:00:00.000Z",
    "dateUpdated": "2024-08-06T13:18:48.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2014-8559",
      "date": "2026-05-22",
      "epss": "0.00055",
      "percentile": "0.17189"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.17.2\", \"matchCriteriaId\": \"D5362594-2AE6-4AFD-A1FB-FCB55482F71E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"8D305F7A-D159-4716-AB26-5E38BB5CD991\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"815D70A8-47D3-459C-A32C-9FEACA0659D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49A63F39-30BE-443F-AF10-6245587D3359\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA04C9F1-6257-4D82-BA0B-37DE66D94736\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A10BC294-9196-425F-9FB0-B1625465B47F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DB41B45-D94D-4A58-88B0-B3EC3EC350E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"1831D45A-EE6E-4220-8F8C-248B69520948\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DFA18B6-2642-470A-A350-68947529EE5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"C202F75B-221A-40BB-8A0D-451335B39937\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"44B8FEDF-6CB0-46E9-9AD7-4445B001C158\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n d_walk en fs/dcache.c en el kernel de Linux hasta 3.17.2 no mantiene debidamente la sem\\u00e1ntica de rename_lock, lo que permite a usuarios locales causar una denegaci\\u00f3n de servicio (bloqueo y cuelgue del sistema) a trav\\u00e9s de una aplicaci\\u00f3n manipulada.\"}]",
      "id": "CVE-2014-8559",
      "lastModified": "2024-11-21T02:19:20.253",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-11-10T11:55:09.813",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1976.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1978.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/62801\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3170\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/10/30/7\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/70854\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1034051\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2492-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2493-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2515-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2516-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2517-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2518-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1159313\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/25/171\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/25/179\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/25/180\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/26/101\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/26/116\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/26/128\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/26/129\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K05211147\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1976.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1978.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/62801\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3170\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/10/30/7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/70854\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1034051\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2492-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2493-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2515-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2516-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2517-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2518-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1159313\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/25/171\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/25/179\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/25/180\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/26/101\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/26/116\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/26/128\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lkml.org/lkml/2014/10/26/129\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K05211147\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-8559\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-11-10T11:55:09.813\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n d_walk en fs/dcache.c en el kernel de Linux hasta 3.17.2 no mantiene debidamente la sem\u00e1ntica de rename_lock, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (bloqueo y cuelgue del sistema) a trav\u00e9s de una aplicaci\u00f3n manipulada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.17.2\",\"matchCriteriaId\":\"D5362594-2AE6-4AFD-A1FB-FCB55482F71E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49A63F39-30BE-443F-AF10-6245587D3359\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA04C9F1-6257-4D82-BA0B-37DE66D94736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10BC294-9196-425F-9FB0-B1625465B47F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DB41B45-D94D-4A58-88B0-B3EC3EC350E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1831D45A-EE6E-4220-8F8C-248B69520948\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DFA18B6-2642-470A-A350-68947529EE5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"C202F75B-221A-40BB-8A0D-451335B39937\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"44B8FEDF-6CB0-46E9-9AD7-4445B001C158\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1976.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1978.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/62801\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3170\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/10/30/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/70854\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1034051\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2492-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2493-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2515-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2516-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2517-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2518-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1159313\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/25/171\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/25/179\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/25/180\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/26/101\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/26/116\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/26/128\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/26/129\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K05211147\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1976.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1978.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/62801\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/10/30/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/70854\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1034051\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2492-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2493-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2515-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2516-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2517-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2518-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1159313\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/25/171\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/25/179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/25/180\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/26/101\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/26/116\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/26/128\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lkml.org/lkml/2014/10/26/129\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K05211147\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

CERTFR-2015-AVI-054

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau Linux de Ubuntu. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Ubuntu 10.04 LTS, 12.04 LTS

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu usn-2491-1 du 04 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-2492-1 du 04 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-2490-1 du 04 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-2493-1 du 04 février 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eUbuntu 10.04 LTS, 12.04 LTS\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-8133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8133"
    },
    {
      "name": "CVE-2014-9420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9420"
    },
    {
      "name": "CVE-2014-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3611"
    },
    {
      "name": "CVE-2014-3610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3610"
    },
    {
      "name": "CVE-2014-9322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9322"
    },
    {
      "name": "CVE-2014-8559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8559"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-054",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-02-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-2491-1 du 04 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2491-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-2492-1 du 04 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2492-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-2490-1 du 04 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2490-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-2493-1 du 04 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2493-1/"
    }
  ]
}

CERTFR-2015-AVI-081

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 12.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 LTS
Ubuntu	Ubuntu	Ubuntu 10.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.10

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-2516-3 du 04 mars 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2518-1 du 26 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2516-1 du 26 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2511-1 du 26 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2513-1 du 26 février 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 12.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 10.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-7970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7970"
    },
    {
      "name": "CVE-2014-9585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9585"
    },
    {
      "name": "CVE-2014-9419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9419"
    },
    {
      "name": "CVE-2013-7421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-7421"
    },
    {
      "name": "CVE-2015-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0239"
    },
    {
      "name": "CVE-2014-8133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8133"
    },
    {
      "name": "CVE-2014-8160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8160"
    },
    {
      "name": "CVE-2014-9420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9420"
    },
    {
      "name": "CVE-2014-9584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9584"
    },
    {
      "name": "CVE-2014-9529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
    },
    {
      "name": "CVE-2014-9683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9683"
    },
    {
      "name": "CVE-2014-8989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8989"
    },
    {
      "name": "CVE-2014-8559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8559"
    },
    {
      "name": "CVE-2014-9644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9644"
    },
    {
      "name": "CVE-2014-9428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9428"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-081",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-02-27T00:00:00.000000"
    },
    {
      "description": "mise \u00e0 jour suite \u00e0 la correction d\u0027une r\u00e9gression.",
      "revision_date": "2015-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un d\u00e9ni de service, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2516-3 du 04 mars 2015",
      "url": "http://www.ubuntu.com/usn/usn-2516-3/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2518-1 du 26 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2518-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2516-1 du 26 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2516-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2511-1 du 26 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2511-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2513-1 du 26 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2513-1/"
    }
  ]
}

CERTFR-2015-AVI-359

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau Linux de Fedora. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Noyau Linux de Fedora versions inférieures à 4.1.5-100.fc21

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Fedora-2015-13391 du 19 août 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eNoyau Linux de Fedora versions inf\u00e9rieures \u00e0  4.1.5-100.fc21\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-9090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9090"
    },
    {
      "name": "CVE-2014-9585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9585"
    },
    {
      "name": "CVE-2015-3290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3290"
    },
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2015-3339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3339"
    },
    {
      "name": "CVE-2015-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0239"
    },
    {
      "name": "CVE-2015-3291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3291"
    },
    {
      "name": "CVE-2015-2666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2666"
    },
    {
      "name": "CVE-2015-5697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5697"
    },
    {
      "name": "CVE-2014-8133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8133"
    },
    {
      "name": "CVE-2015-1593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1593"
    },
    {
      "name": "CVE-2014-8134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8134"
    },
    {
      "name": "CVE-2015-1333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1333"
    },
    {
      "name": "CVE-2015-2150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2150"
    },
    {
      "name": "CVE-2015-1421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
    },
    {
      "name": "CVE-2014-9529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
    },
    {
      "name": "CVE-2015-1420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1420"
    },
    {
      "name": "CVE-2015-2042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2042"
    },
    {
      "name": "CVE-2015-0275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0275"
    },
    {
      "name": "CVE-2014-8989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8989"
    },
    {
      "name": "CVE-2014-8559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8559"
    },
    {
      "name": "CVE-2015-3636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3636"
    },
    {
      "name": "CVE-2014-9428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9428"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-359",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-08-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le \u003cspan\nclass=\"textit\"\u003enoyau Linux de Fedora\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Fedora",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Fedora-2015-13391 du 19 ao\u00fbt 2015",
      "url": "https://lwn.net/Articles/654984/"
    }
  ]
}

CERTFR-2015-AVI-054

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Ubuntu 10.04 LTS, 12.04 LTS

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu usn-2491-1 du 04 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-2492-1 du 04 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-2490-1 du 04 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu usn-2493-1 du 04 février 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eUbuntu 10.04 LTS, 12.04 LTS\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-8133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8133"
    },
    {
      "name": "CVE-2014-9420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9420"
    },
    {
      "name": "CVE-2014-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3611"
    },
    {
      "name": "CVE-2014-3610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3610"
    },
    {
      "name": "CVE-2014-9322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9322"
    },
    {
      "name": "CVE-2014-8559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8559"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-054",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-02-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-2491-1 du 04 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2491-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-2492-1 du 04 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2492-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-2490-1 du 04 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2490-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-2493-1 du 04 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2493-1/"
    }
  ]
}

CERTFR-2015-AVI-081

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 12.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 LTS
Ubuntu	Ubuntu	Ubuntu 10.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.10

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-2516-3 du 04 mars 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2518-1 du 26 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2516-1 du 26 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2511-1 du 26 février 2015	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-2513-1 du 26 février 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 12.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 10.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-7970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7970"
    },
    {
      "name": "CVE-2014-9585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9585"
    },
    {
      "name": "CVE-2014-9419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9419"
    },
    {
      "name": "CVE-2013-7421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-7421"
    },
    {
      "name": "CVE-2015-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0239"
    },
    {
      "name": "CVE-2014-8133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8133"
    },
    {
      "name": "CVE-2014-8160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8160"
    },
    {
      "name": "CVE-2014-9420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9420"
    },
    {
      "name": "CVE-2014-9584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9584"
    },
    {
      "name": "CVE-2014-9529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
    },
    {
      "name": "CVE-2014-9683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9683"
    },
    {
      "name": "CVE-2014-8989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8989"
    },
    {
      "name": "CVE-2014-8559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8559"
    },
    {
      "name": "CVE-2014-9644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9644"
    },
    {
      "name": "CVE-2014-9428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9428"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-081",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-02-27T00:00:00.000000"
    },
    {
      "description": "mise \u00e0 jour suite \u00e0 la correction d\u0027une r\u00e9gression.",
      "revision_date": "2015-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un d\u00e9ni de service, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2516-3 du 04 mars 2015",
      "url": "http://www.ubuntu.com/usn/usn-2516-3/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2518-1 du 26 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2518-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2516-1 du 26 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2516-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2511-1 du 26 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2511-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2513-1 du 26 f\u00e9vrier 2015",
      "url": "http://www.ubuntu.com/usn/usn-2513-1/"
    }
  ]
}

CERTFR-2015-AVI-359

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Noyau Linux de Fedora versions inférieures à 4.1.5-100.fc21

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Fedora-2015-13391 du 19 août 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eNoyau Linux de Fedora versions inf\u00e9rieures \u00e0  4.1.5-100.fc21\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-9090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9090"
    },
    {
      "name": "CVE-2014-9585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9585"
    },
    {
      "name": "CVE-2015-3290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3290"
    },
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2015-3339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3339"
    },
    {
      "name": "CVE-2015-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0239"
    },
    {
      "name": "CVE-2015-3291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3291"
    },
    {
      "name": "CVE-2015-2666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2666"
    },
    {
      "name": "CVE-2015-5697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5697"
    },
    {
      "name": "CVE-2014-8133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8133"
    },
    {
      "name": "CVE-2015-1593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1593"
    },
    {
      "name": "CVE-2014-8134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8134"
    },
    {
      "name": "CVE-2015-1333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1333"
    },
    {
      "name": "CVE-2015-2150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2150"
    },
    {
      "name": "CVE-2015-1421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
    },
    {
      "name": "CVE-2014-9529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
    },
    {
      "name": "CVE-2015-1420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1420"
    },
    {
      "name": "CVE-2015-2042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2042"
    },
    {
      "name": "CVE-2015-0275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0275"
    },
    {
      "name": "CVE-2014-8989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8989"
    },
    {
      "name": "CVE-2014-8559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8559"
    },
    {
      "name": "CVE-2015-3636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3636"
    },
    {
      "name": "CVE-2014-9428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9428"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-359",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-08-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le \u003cspan\nclass=\"textit\"\u003enoyau Linux de Fedora\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Fedora",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Fedora-2015-13391 du 19 ao\u00fbt 2015",
      "url": "https://lwn.net/Articles/654984/"
    }
  ]
}

FKIE_CVE-2014-8559

Vulnerability from fkie_nvd - Published: 2014-11-10 11:55 - Updated: 2026-05-06 22:30

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html	Mailing List, Third Party Advisory
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2015-1976.html	Third Party Advisory
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2015-1978.html	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/62801	Broken Link
cve@mitre.org	http://www.debian.org/security/2015/dsa-3170	Exploit, Patch, Third Party Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2014/10/30/7	Mailing List, Third Party Advisory
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/70854	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1034051	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.ubuntu.com/usn/USN-2492-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2493-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2515-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2516-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2517-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2518-1	Third Party Advisory
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=1159313	Issue Tracking, Patch, Third Party Advisory
cve@mitre.org	https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28	Mailing List, Patch, Vendor Advisory
cve@mitre.org	https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10	Mailing List, Patch, Vendor Advisory
cve@mitre.org	https://lkml.org/lkml/2014/10/25/171	Exploit, Mailing List, Third Party Advisory
cve@mitre.org	https://lkml.org/lkml/2014/10/25/179	Mailing List, Patch, Third Party Advisory
cve@mitre.org	https://lkml.org/lkml/2014/10/25/180	Mailing List, Patch, Third Party Advisory
cve@mitre.org	https://lkml.org/lkml/2014/10/26/101	Mailing List, Third Party Advisory
cve@mitre.org	https://lkml.org/lkml/2014/10/26/116	Exploit, Mailing List, Third Party Advisory
cve@mitre.org	https://lkml.org/lkml/2014/10/26/128	Mailing List, Third Party Advisory
cve@mitre.org	https://lkml.org/lkml/2014/10/26/129	Mailing List, Third Party Advisory
cve@mitre.org	https://support.f5.com/csp/article/K05211147	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-1976.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-1978.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62801	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2015/dsa-3170	Exploit, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/10/30/7	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/70854	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034051	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2492-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2493-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2515-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2516-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2517-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2518-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1159313	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28	Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10	Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lkml.org/lkml/2014/10/25/171	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lkml.org/lkml/2014/10/25/179	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lkml.org/lkml/2014/10/25/180	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lkml.org/lkml/2014/10/26/101	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lkml.org/lkml/2014/10/26/116	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lkml.org/lkml/2014/10/26/128	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lkml.org/lkml/2014/10/26/129	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K05211147	Third Party Advisory

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	14.10
novell	suse_linux_enterprise_desktop	12.0
novell	suse_linux_enterprise_server	12.0
opensuse	evergreen	11.4
opensuse	opensuse	13.1
suse	linux_enterprise_real_time_extension	11
suse	linux_enterprise_software_development_kit	12
suse	linux_enterprise_workstation_extension	12
suse	suse_linux_enterprise_server	11
oracle	linux	7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5362594-2AE6-4AFD-A1FB-FCB55482F71E",
              "versionEndIncluding": "3.17.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA04C9F1-6257-4D82-BA0B-37DE66D94736",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3DB41B45-D94D-4A58-88B0-B3EC3EC350E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFA18B6-2642-470A-A350-68947529EE5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
              "matchCriteriaId": "C202F75B-221A-40BB-8A0D-451335B39937",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
              "matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n d_walk en fs/dcache.c en el kernel de Linux hasta 3.17.2 no mantiene debidamente la sem\u00e1ntica de rename_lock, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (bloqueo y cuelgue del sistema) a trav\u00e9s de una aplicaci\u00f3n manipulada."
    }
  ],
  "id": "CVE-2014-8559",
  "lastModified": "2026-05-06T22:30:45.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2014-11-10T11:55:09.813",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1976.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1978.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62801"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3170"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/10/30/7"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/70854"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1034051"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2492-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2493-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2515-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2516-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2517-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2518-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/25/171"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/25/179"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/25/180"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/26/101"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/26/116"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/26/128"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/26/129"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K05211147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1976.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1978.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62801"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/10/30/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/70854"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1034051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2492-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2493-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2515-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2516-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2517-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2518-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/25/171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/25/179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/25/180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/26/101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/26/116"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/26/128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2014/10/26/129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K05211147"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-QFRW-Q7QP-V27X

Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2022-05-13 01:23

Details

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-8559"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-11-10T11:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.",
  "id": "GHSA-qfrw-q7qp-v27x",
  "modified": "2022-05-13T01:23:44Z",
  "published": "2022-05-13T01:23:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8559"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10"
    },
    {
      "type": "WEB",
      "url": "https://lkml.org/lkml/2014/10/25/171"
    },
    {
      "type": "WEB",
      "url": "https://lkml.org/lkml/2014/10/25/179"
    },
    {
      "type": "WEB",
      "url": "https://lkml.org/lkml/2014/10/25/180"
    },
    {
      "type": "WEB",
      "url": "https://lkml.org/lkml/2014/10/26/101"
    },
    {
      "type": "WEB",
      "url": "https://lkml.org/lkml/2014/10/26/116"
    },
    {
      "type": "WEB",
      "url": "https://lkml.org/lkml/2014/10/26/128"
    },
    {
      "type": "WEB",
      "url": "https://lkml.org/lkml/2014/10/26/129"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K05211147"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1976.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1978.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62801"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2015/dsa-3170"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2014/10/30/7"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/70854"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034051"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2492-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2493-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2515-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2516-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2517-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2518-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2014-8559

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-8559

Aliases

CVE-2014-8559

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-8559",
    "description": "The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.",
    "id": "GSD-2014-8559",
    "references": [
      "https://www.suse.com/security/cve/CVE-2014-8559.html",
      "https://www.debian.org/security/2015/dsa-3170",
      "https://access.redhat.com/errata/RHSA-2015:1978",
      "https://access.redhat.com/errata/RHSA-2015:1977",
      "https://access.redhat.com/errata/RHSA-2015:1976",
      "https://ubuntu.com/security/CVE-2014-8559",
      "https://linux.oracle.com/cve/CVE-2014-8559.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-8559"
      ],
      "details": "The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.",
      "id": "GSD-2014-8559",
      "modified": "2023-12-13T01:22:49.550680Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-8559",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "refsource": "MLIST",
            "url": "https://lkml.org/lkml/2014/10/26/116"
          },
          {
            "name": "USN-2515-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2515-1"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "refsource": "MLIST",
            "url": "https://lkml.org/lkml/2014/10/26/101"
          },
          {
            "name": "DSA-3170",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2015/dsa-3170"
          },
          {
            "name": "SUSE-SU-2015:0736",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
          },
          {
            "name": "USN-2492-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2492-1"
          },
          {
            "name": "RHSA-2015:1978",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1978.html"
          },
          {
            "name": "[oss-security] 20141030 CVE-2014-8559 - Linux kernel fs/dcache.c incorrect use of rename_lock",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2014/10/30/7"
          },
          {
            "name": "62801",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62801"
          },
          {
            "name": "RHSA-2015:1976",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1976.html"
          },
          {
            "name": "SUSE-SU-2015:0178",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "refsource": "MLIST",
            "url": "https://lkml.org/lkml/2014/10/26/128"
          },
          {
            "name": "70854",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/70854"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "refsource": "MLIST",
            "url": "https://lkml.org/lkml/2014/10/25/179"
          },
          {
            "name": "USN-2518-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2518-1"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "name": "SUSE-SU-2015:0481",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
          },
          {
            "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10",
            "refsource": "CONFIRM",
            "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10"
          },
          {
            "name": "openSUSE-SU-2015:0566",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "refsource": "MLIST",
            "url": "https://lkml.org/lkml/2014/10/26/129"
          },
          {
            "name": "USN-2493-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2493-1"
          },
          {
            "name": "1034051",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034051"
          },
          {
            "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28",
            "refsource": "CONFIRM",
            "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28"
          },
          {
            "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
            "refsource": "MLIST",
            "url": "https://lkml.org/lkml/2014/10/25/180"
          },
          {
            "name": "SUSE-SU-2015:0529",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
          },
          {
            "name": "USN-2517-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2517-1"
          },
          {
            "name": "[linux-kernel] 20141025 fs: lockup on rename_mutex in fs/dcache.c:1035",
            "refsource": "MLIST",
            "url": "https://lkml.org/lkml/2014/10/25/171"
          },
          {
            "name": "openSUSE-SU-2015:0714",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
          },
          {
            "name": "USN-2516-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2516-1"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
          },
          {
            "name": "https://support.f5.com/csp/article/K05211147",
            "refsource": "CONFIRM",
            "url": "https://support.f5.com/csp/article/K05211147"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.17.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8559"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://lkml.org/lkml/2014/10/25/180"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lkml.org/lkml/2014/10/26/129"
            },
            {
              "name": "[linux-kernel] 20141025 fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lkml.org/lkml/2014/10/25/171"
            },
            {
              "name": "[oss-security] 20141030 CVE-2014-8559 - Linux kernel fs/dcache.c incorrect use of rename_lock",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/10/30/7"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lkml.org/lkml/2014/10/26/116"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lkml.org/lkml/2014/10/26/128"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lkml.org/lkml/2014/10/26/101"
            },
            {
              "name": "[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://lkml.org/lkml/2014/10/25/179"
            },
            {
              "name": "70854",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/70854"
            },
            {
              "name": "62801",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/62801"
            },
            {
              "name": "USN-2516-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2516-1"
            },
            {
              "name": "USN-2517-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2517-1"
            },
            {
              "name": "USN-2492-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2492-1"
            },
            {
              "name": "USN-2518-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2518-1"
            },
            {
              "name": "USN-2515-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2515-1"
            },
            {
              "name": "USN-2493-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2493-1"
            },
            {
              "name": "SUSE-SU-2015:0178",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
            },
            {
              "name": "SUSE-SU-2015:0481",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
            },
            {
              "name": "DSA-3170",
              "refsource": "DEBIAN",
              "tags": [
                "Exploit",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3170"
            },
            {
              "name": "SUSE-SU-2015:0529",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
            },
            {
              "name": "openSUSE-SU-2015:0566",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
            },
            {
              "name": "SUSE-SU-2015:0736",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
            },
            {
              "name": "RHSA-2015:1978",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1978.html"
            },
            {
              "name": "RHSA-2015:1976",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1976.html"
            },
            {
              "name": "1034051",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1034051"
            },
            {
              "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10",
              "refsource": "CONFIRM",
              "tags": [
                "Mailing List",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca5358ef75fc69fee5322a38a340f5739d997c10"
            },
            {
              "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28",
              "refsource": "CONFIRM",
              "tags": [
                "Mailing List",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=946e51f2bf37f1656916eb75bd0742ba33983c28"
            },
            {
              "name": "openSUSE-SU-2015:0714",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K05211147",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.f5.com/csp/article/K05211147"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2020-08-13T17:42Z",
      "publishedDate": "2014-11-10T11:55Z"
    }
  }
}

RHSA-2015:1976

Vulnerability from csaf_redhat - Published: 2015-11-03 16:39 - Updated: 2025-11-21 17:53

Summary

Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Severity

Moderate

Notes

Topic: Updated kernel-rt packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Details: The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. (CVE-2014-8559, Moderate) This update provides a build of the kernel-rt package for Red Hat Enterprise MRG 2.5 that is layered on Red Hat Enterprise Linux 6, and fixes the following issues: * Unexpected completion is detected on Intel Ethernet x540 * Divide by zero error in intel_pstate_timer_func() [ inline s64 div_s64_rem() ] * NFS Recover from stateid-type error on SETATTR * pNFS RHEL 7.1 Data Server connection remains after umount due to lseg refcount leak * Race during NFS v4.0 recovery and standard IO. * Fix ip6t_SYNPROXY for namespaces and connection delay * synproxy window size and sequence number behaviour causes long connection delay * Crash in kmem_cache_alloc() during disk stress testing (using ipr) * xfs: sync/backport to upstream v4.1 * iscsi_session recovery_tmo revert back to default when a path becomes active * read from MD raid1 can fail if read from resync target fails * backport scsi-mq * unable to handle kernel paging request at 0000000000237037 [zswap] (BZ#1267373) All kernel-rt users are advised to upgrade to these updated packages, which correct these issues and add this enhancement. The system must be rebooted for this update to take effect.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2014-8559

A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system.

4.0 ()


                        
                          AV:L/AC:H/Au:N/C:N/I:N/A:C

Affected products

Fixed 16 products

Product	Version	Remediation
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.src	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

References

9 references

URL	Category
https://access.redhat.com/errata/RHSA-2015:1976	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1159313	external
https://bugzilla.redhat.com/show_bug.cgi?id=1267373	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2014-8559	self
https://bugzilla.redhat.com/show_bug.cgi?id=1159313	external
https://www.cve.org/CVERecord?id=CVE-2014-8559	external
https://nvd.nist.gov/vuln/detail/CVE-2014-8559	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated kernel-rt packages that fix one security issue, several bugs, and\nadd one enhancement are now available for Red Hat Enterprise MRG 2.5.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel\u0027s VFS subsystem handled file\nsystem locks. A local, unprivileged user could use this flaw to trigger a\ndeadlock in the kernel, causing a denial of service on the system.\n(CVE-2014-8559, Moderate)\n\nThis update provides a build of the kernel-rt package for Red Hat\nEnterprise MRG 2.5 that is layered on Red Hat Enterprise Linux 6, and fixes\nthe following issues:\n\n* Unexpected completion is detected on Intel Ethernet x540\n\n* Divide by zero error in intel_pstate_timer_func() [ inline s64\ndiv_s64_rem() ]\n\n* NFS Recover from stateid-type error on SETATTR\n\n* pNFS RHEL 7.1 Data Server connection remains after umount due to lseg\nrefcount leak\n\n* Race during NFS v4.0 recovery and standard IO.\n\n* Fix ip6t_SYNPROXY for namespaces and connection delay\n\n* synproxy window size and sequence number behaviour causes long connection\ndelay\n\n* Crash in kmem_cache_alloc() during disk stress testing (using ipr)\n\n* xfs: sync/backport to upstream v4.1\n\n* iscsi_session recovery_tmo revert back to default when a path becomes\nactive\n\n* read from MD raid1 can fail if read from resync target fails\n\n* backport scsi-mq\n\n* unable to handle kernel paging request at 0000000000237037 [zswap]\n\n(BZ#1267373)\n\nAll kernel-rt users are advised to upgrade to these updated packages, which\ncorrect these issues and add this enhancement. The system must be rebooted\nfor this update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1976",
        "url": "https://access.redhat.com/errata/RHSA-2015:1976"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1159313",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
      },
      {
        "category": "external",
        "summary": "1267373",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267373"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1976.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2025-11-21T17:53:57+00:00",
      "generator": {
        "date": "2025-11-21T17:53:57+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2015:1976",
      "initial_release_date": "2015-11-03T16:39:30+00:00",
      "revision_history": [
        {
          "date": "2015-11-03T16:39:30+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-11-03T16:39:30+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:53:57+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
                "product": {
                  "name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
                  "product_id": "6Server-MRG-Realtime-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise MRG for RHEL-6"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_id": "kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-229.rt56.162.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch",
                "product": {
                  "name": "kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch",
                  "product_id": "kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-firmware@3.10.0-229.rt56.162.el6rt?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch",
                "product": {
                  "name": "kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch",
                  "product_id": "kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-229.rt56.162.el6rt?arch=noarch\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.src",
                "product": {
                  "name": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.src",
                  "product_id": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-229.rt56.162.el6rt?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.src as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.src"
        },
        "product_reference": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.src",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch"
        },
        "product_reference": "kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch"
        },
        "product_reference": "kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-8559",
      "discovery_date": "2014-10-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1159313"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the way the Linux kernel\u0027s VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: fs: deadlock due to incorrect usage of rename_lock",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.\n\nThis issue affects the version of the kernel package as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2. Future kernel updates for the respective releases may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.src",
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-8559"
        },
        {
          "category": "external",
          "summary": "RHBZ#1159313",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159313"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-8559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-8559"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-8559",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8559"
        }
      ],
      "release_date": "2014-10-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-11-03T16:39:30+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1976"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "products": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-229.rt56.162.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-229.rt56.162.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.162.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-229.rt56.162.el6rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: fs: deadlock due to incorrect usage of rename_lock"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-8559 (GCVE-0-2014-8559)

Solution

Solution

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature