First published: Sun Jul 20 2014(Updated: )
A flaw was found in the way reference counting was handled in the Linux kernel's VFS subsystem when unmount on symlink was performed. On Red Hat Enterprise Linux 6 an unprivileged local user could use this flaw to cause OOM conditions leading to denial of service or, potentially, trigger use-after-free error. On Red Hat Enterprise Linux 7 a privileged local user with CAP_SYS_ADMIN capability (also in a container) could use this flaw to cause OOM conditions leading to denial of service or, potentially, trigger use-after-free error. Acknowledgements: Red Hat would like to thank Vasily Averin of Parallels for reporting this issue.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <0:2.6.32-504.el6 | 0:2.6.32-504.el6 |
redhat/kernel | <0:2.6.32-431.46.2.el6 | 0:2.6.32-431.46.2.el6 |
redhat/kernel | <0:3.10.0-123.13.1.el7 | 0:3.10.0-123.13.1.el7 |
Linux Linux kernel | <3.15.8 | |
Redhat Enterprise Linux Eus | =6.5 | |
Redhat Enterprise Linux Server Aus | =6.5 | |
Redhat Enterprise Linux Server Tus | =6.5 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.12.5-1 6.12.6-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)