CVE-2014-8559

MEDIUM

Linux Kernel < 3.17.2 - Denial of Service via d_walk Deadlock

Title source: llm
STIX 2.1

Description

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

References (31)

Core 31
Core References
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lkml.org/lkml/2014/10/26/116
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2515-1
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lkml.org/lkml/2014/10/26/101
Exploit, Patch, Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3170
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2492-1
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1978.html
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/10/30/7
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/62801
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1976.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lkml.org/lkml/2014/10/26/128
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/70854
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
https://lkml.org/lkml/2014/10/25/179
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2518-1
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lkml.org/lkml/2014/10/26/129
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2493-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1034051
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
https://lkml.org/lkml/2014/10/25/180
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2517-1
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lkml.org/lkml/2014/10/25/171
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2516-1
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1159313
Third Party Advisory x_refsource_confirm
https://support.f5.com/csp/article/K05211147

Scores

CVSS v3 5.5
EPSS 0.0006
EPSS Percentile 17.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-400
Status published
Products (13)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 14.10
linux/linux_kernel < 3.17.2
novell/suse_linux_enterprise_desktop 12.0
novell/suse_linux_enterprise_server 12.0
opensuse/evergreen 11.4
opensuse/opensuse 13.1
oracle/linux 7
suse/linux_enterprise_real_time_extension 11 sp3
... and 3 more
Published Nov 10, 2014
Tracked Since Feb 18, 2026