Published: 12/03/2018 Updated: 03/05/2018

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1

VMScore: 170

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

In the Linux kernel prior to 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controlling an unprivileged process to read mem ...

A flaw was found in the Linux kernel that fs/ocfs2/aopsc omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode This allows local users to cause a denial of service by modifying a certain e_cpos field ...

CWE-362 https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f http://www.securityfocus.com/bid/103353 https://www.debian.org/security/2018/dsa-4188 https://nvd.nist.gov https://www.debian.org/security/./dsa-4188

CVE-2017-18224

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect