Cai Qian

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.8.12 **Description** The issue is related to the cgroup offline implementation in the Linux kernel, which mishandles certain drain operations. This allows local users to cause a denial of service, resulting in a system hang, by executing a crafted application within a container environment. An example of such an application is trinity. **Recommendations** For Linux kernel versions prior to 4.8.12, update to version 4.8.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.9 **Description** The issue allows local users to cause a denial of service, resulting in memory consumption and deadlock, by exploiting the lack of restriction on the number of mounts in a mount namespace. This can be achieved through MS BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts. **Recommendations** For Linux kernel versions prior to 4.9, update to version 4.9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.6 **Description** The issue is related to the OverlayFS filesystem implementation in the Linux kernel. It does not properly verify the upper dentry before proceeding with unlink and rename system-call processing. This allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink. **Recommendations** For Linux kernel versions prior to 4.6, update to version 4.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.5.5 **Description** The issue is related to the filesystem layer in the Linux kernel, where it proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink. This allows local users to cause a denial of service, resulting in a system crash, via a rename system call. The issue is related to the `fs/namei.c` and `fs/open.c` files. **Recommendations** For Linux kernel versions prior to 4.5.5, update to version 4.5.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of OverlayFS to minimize the risk of exploitation. Avoid using the rename system call on OverlayFS files that have been renamed to self-hardlinks until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.7.2 **Description** A race condition exists in the smb send rqst function in fs/cifs/transport.c, which can be exploited by local users to cause a denial of service, resulting in a NULL pointer dereference and OOPS. This issue may also have unspecified other impacts via vectors involving a reconnection event. **Recommendations** For Linux kernel versions prior to 3.7.2, update to version 3.7.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.2.10 **Description** The issue allows local users to cause a denial of service via attempted access to a special file, such as a FIFO. This occurs because the cifs code attempts to open files on lookup under certain circumstances, and if the opened file is a special file, the open filehandle is leaked, leading to a dentry refcount mismatch and an OOPS on umount. **Recommendations** For Linux kernel versions prior to 3.2.10, update to version 3.2.10 or later to resolve the issue. As a temporary workaround, consider restricting access to special files, such as FIFOs, to minimize the risk of exploitation.