CVE-2014-8171
First published: Tue Mar 03 2015(Updated: )
On a system with memory-constrained cgroups, it is possible for a non-root user to lock up the system by continuously spawning new processes within a cgroup which is already in an OOM event. Upstream patches: The deadlock was inherent in the original memcg OOM killer design, so the entire rewrite of that mechanism is required for the fix: <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id</a>= 759496ba6407c6994d6a5ce3a5e74937d7816208 3a13c4d761b4b979ba8767f42345fed3274991b0 519e52473ebe9db5cdef44670d5a97f1fd53d721 fb2a6fc56be66c169f8b80e07ed999ba453a2db2 3812c8c8f3953921ef18544110dafc3505c1ac62 4942642080ea82d99ab5b653abb9a12b7ba31f4a 84235de394d9775bfaa7fa9762a59d91fef0c1fc a0d8b00a3381f9d75764b3377590451cb0b4fe41 1f14c1ac19aa45118054b6d5425873c5c7fc23a1 3168ecbe1c04ec3feb7cb42388a17d7f047fe1a2
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | ||
| Redhat Enterprise Linux | =6.0 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Mrg | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/references
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-8171
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/tags
- agent/description
- agent/event
- agent/trending
- vendor/linux
- canonical/linux linux kernel
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/6.0
- version/redhat enterprise linux/7.0
- canonical/redhat enterprise mrg
- version/redhat enterprise mrg/2.0