CVE-2015-0274 - The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remo

CVE-2015-0274

Summary

The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges by leveraging XFS filesystem access.

References

Vulnerable Configurations

cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.11.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.20:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.20:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.21:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.21:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.22:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.22:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.23:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.23:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.24:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.24:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.25:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.25:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.26:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.26:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.27:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.27:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.28:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.28:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.29:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.29:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.30:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.30:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.31:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.31:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.32:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.32:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.33:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.33:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.34:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.34:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.35:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.35:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.36:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.36:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.37:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.37:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.38:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.38:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.39:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.39:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.40:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.40:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.41:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.41:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.42:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.42:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.43:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.43:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.44:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.44:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.45:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.45:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.46:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.46:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.47:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.47:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.48:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.48:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.49:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.49:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.50:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.50:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.51:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.51:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.52:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.52:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.53:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.53:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.54:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.54:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.55:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.55:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.56:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.56:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.57:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.57:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.58:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.58:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.59:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.59:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.60:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.60:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.61:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.61:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.62:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.62:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.63:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.63:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.64:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.64:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.65:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.65:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.66:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.66:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.67:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.67:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.68:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.68:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.69:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.69:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.70:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.70:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.71:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.71:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.72:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.72:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.73:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.73:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.74:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.12.74:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.13.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc8:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14:rc8:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.20:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.20:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.21:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.21:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.22:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.22:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.23:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.23:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.24:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.24:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.25:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.25:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.26:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.26:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.27:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.27:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.28:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.28:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.29:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.29:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.30:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.30:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.31:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.31:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.32:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.32:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.33:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.33:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.34:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.34:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.35:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.35:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.36:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.36:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.37:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.37:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.38:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.38:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.39:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.39:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.40:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.40:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.41:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.41:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.42:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.42:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.43:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.43:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.44:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.44:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.45:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.45:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.46:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.46:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.47:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.47:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.48:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.48:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.49:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.49:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.50:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.50:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.51:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.51:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.52:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.52:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.53:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.53:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.54:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.54:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.55:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.55:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.56:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.56:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.57:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.57:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.58:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.58:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.59:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.59:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.60:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.60:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.61:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.61:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.62:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.62:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.63:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.63:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.64:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.64:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.65:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.65:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.66:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.66:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.67:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.67:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.68:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.68:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.69:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.69:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.70:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.70:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.71:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.71:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.72:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.72:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.73:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.73:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.74:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.74:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.75:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.75:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.76:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.76:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.77:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.77:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.78:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.78:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.79:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.14.79:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 15-02-2024 - 18:55)
Impact:
Exploitability:

CWE

CWE-19

CAPEC

XML Oversized Payloads
Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an adversary to inject data that may have an adverse effect on the XML parser when it is being processed. By supplying oversized payloads in input vectors that will be processed by the XML parser, an adversary can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization, and potentially cause execution of arbitrary code. An adversary's goal is to leverage parser failure to his or her advantage. In many cases this type of an attack will result in a XML Denial of Service (XDoS) due to an application becoming unstable, freezing, or crashing. However it is possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.231.1]. XDoS is most closely associated with web services, SOAP, and Rest, because remote service requesters can post malicious XML payloads to the service provider designed to exhaust the service provider's memory, CPU, and/or disk space. The main weakness in XDoS is that the service provider generally must inspect, parse, and validate the XML messages to determine routing, workflow, security considerations, and so on. It is exactly these inspection, parsing, and validation routines that XDoS targets. This attack exploits the loosely coupled nature of web services, where the service provider has little to no control over the service requester and any messages the service requester sends.
Overflow Buffers
Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an adversary. As a consequence, an adversary is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the adversaries' choice.
XML Nested Payloads
Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an adversary to inject data that may have an adverse effect on the XML parser when it is being processed. By nesting XML data and causing this data to be continuously self-referential, an adversary can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization. An adversary's goal is to leverage parser failure to his or her advantage. In most cases this type of an attack will result in a XML Denial of Service (XDoS) due to an application becoming unstable, freezing, or crashing. However it may be possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.230.1]. XDoS is most closely associated with web services, SOAP, and Rest, because remote service requesters can post malicious XML payloads to the service provider designed to exhaust the service provider's memory, CPU, and/or disk space. The main weakness in XDoS is that the service provider generally must inspect, parse, and validate the XML messages to determine routing, workflow, security considerations, and so on. It is exactly these inspection, parsing, and validation routines that XDoS targets. This attack exploits the loosely coupled nature of web services, where the service provider has little to no control over the service requester and any messages the service requester sends.

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

redhat via4

advisories

bugzilla

id	1198503
title	CVE-2014-8172 kernel: soft lockup on aio

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

comment kernel earlier than 0:3.10.0-229.el7 is currently running
oval oval:com.redhat.rhsa:tst:20150290031
comment kernel earlier than 0:3.10.0-229.el7 is set to boot up on next boot
oval oval:com.redhat.rhsa:tst:20150290032

AND
comment kernel is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290001
comment kernel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842002

AND

comment kernel-abi-whitelists is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290003
comment kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131645004

AND

comment kernel-bootwrapper is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290005
comment kernel-bootwrapper is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842004

AND
comment kernel-debug is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290007
comment kernel-debug is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842006

AND

comment kernel-debug-devel is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290009
comment kernel-debug-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842008

AND
comment kernel-devel is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290011
comment kernel-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842010
AND
comment kernel-doc is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290013
comment kernel-doc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842012

AND

comment kernel-headers is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290015
comment kernel-headers is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842016

AND
comment kernel-kdump is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290017
comment kernel-kdump is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842018

AND

comment kernel-kdump-devel is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290019
comment kernel-kdump-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842020

AND
comment kernel-tools is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290021
comment kernel-tools is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140678022

AND

comment kernel-tools-libs is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290023
comment kernel-tools-libs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140678024

AND

comment kernel-tools-libs-devel is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290025
comment kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140678026

AND
comment perf is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290027
comment perf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842022
AND
comment python-perf is earlier than 0:3.10.0-229.el7
oval oval:com.redhat.rhsa:tst:20150290029
comment python-perf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111530024

rhsa

id	RHSA-2015:0290
released	2015-03-05
severity	Important
title	RHSA-2015:0290: kernel security, bug fix, and enhancement update (Important)

rhsa
id RHSA-2015:0694

rpms

kernel-0:3.10.0-229.el7
kernel-abi-whitelists-0:3.10.0-229.el7
kernel-bootwrapper-0:3.10.0-229.el7
kernel-debug-0:3.10.0-229.el7
kernel-debug-debuginfo-0:3.10.0-229.el7
kernel-debug-devel-0:3.10.0-229.el7
kernel-debuginfo-0:3.10.0-229.el7
kernel-debuginfo-common-ppc64-0:3.10.0-229.el7
kernel-debuginfo-common-s390x-0:3.10.0-229.el7
kernel-debuginfo-common-x86_64-0:3.10.0-229.el7
kernel-devel-0:3.10.0-229.el7
kernel-doc-0:3.10.0-229.el7
kernel-headers-0:3.10.0-229.el7
kernel-kdump-0:3.10.0-229.el7
kernel-kdump-debuginfo-0:3.10.0-229.el7
kernel-kdump-devel-0:3.10.0-229.el7
kernel-tools-0:3.10.0-229.el7
kernel-tools-debuginfo-0:3.10.0-229.el7
kernel-tools-libs-0:3.10.0-229.el7
kernel-tools-libs-devel-0:3.10.0-229.el7
perf-0:3.10.0-229.el7
perf-debuginfo-0:3.10.0-229.el7
python-perf-0:3.10.0-229.el7
python-perf-debuginfo-0:3.10.0-229.el7
kernel-rt-1:3.10.0-229.rt56.144.el6rt
kernel-rt-debug-1:3.10.0-229.rt56.144.el6rt
kernel-rt-debug-debuginfo-1:3.10.0-229.rt56.144.el6rt
kernel-rt-debug-devel-1:3.10.0-229.rt56.144.el6rt
kernel-rt-debuginfo-1:3.10.0-229.rt56.144.el6rt
kernel-rt-debuginfo-common-x86_64-1:3.10.0-229.rt56.144.el6rt
kernel-rt-devel-1:3.10.0-229.rt56.144.el6rt
kernel-rt-doc-1:3.10.0-229.rt56.144.el6rt
kernel-rt-firmware-1:3.10.0-229.rt56.144.el6rt
kernel-rt-trace-1:3.10.0-229.rt56.144.el6rt
kernel-rt-trace-debuginfo-1:3.10.0-229.rt56.144.el6rt
kernel-rt-trace-devel-1:3.10.0-229.rt56.144.el6rt
kernel-rt-vanilla-1:3.10.0-229.rt56.144.el6rt
kernel-rt-vanilla-debuginfo-1:3.10.0-229.rt56.144.el6rt
kernel-rt-vanilla-devel-1:3.10.0-229.rt56.144.el6rt

refmap via4

confirm	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59 https://bugzilla.redhat.com/show_bug.cgi?id=1195248 https://github.com/torvalds/linux/commit/8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59
sectrack	1031853
ubuntu	USN-2543-1 USN-2544-1

Last major update

15-02-2024 - 18:55

Published

16-03-2015 - 10:59

Last modified

15-02-2024 - 18:55