Alex Chen

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.15 Description: The issue is related to a race condition in the extent tree during read operations in DIRECT mode. This occurs because a semaphore is not used in fs/ocfs2/aops.c, allowing local users to cause a denial of service by modifying a certain `e cpos` field. Recommendations: For Linux kernel versions prior to 4.15, update to version 4.15 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.15 Description: The issue allows local users to cause a denial of service, resulting in a NULL pointer dereference and BUG, due to the lack of a required mutex in fs/ocfs2/cluster/nodemanager.c. Recommendations: For versions prior to 4.15, update to version 4.15 or later to resolve the issue.