PT-2014-9109 · Linux+5 · Linux Kernel+5

Published

1970-01-01

·

Updated

2018-12-18

·

CVE-2014-4171

CVSS v2.0

9.3

High

VectorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions openSUSE kernel versions prior to 3.15.1
Description The issue affects the Linux kernel and can be exploited remotely, potentially leading to a denial of service (i mutex hold) by using the mmap system call to access a hole. This can interfere with intended shmem activity by blocking completion of MADV REMOVE madvise calls or FALLOC FL PUNCH HOLE fallocate calls.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALT-PU-2014-1812
ALT-PU-2014-1815
ALT-PU-2014-1816
ALT-PU-2014-1847
ALT-PU-2015-1794
BDU:2015-05685
BDU:2015-05686
BDU:2015-05687
BDU:2015-05688
BDU:2015-05689
BDU:2015-05690
BDU:2015-05691
BDU:2015-05692
BDU:2015-05693
BDU:2015-05694
BDU:2015-05695
BDU:2015-05696
BDU:2015-05697
BDU:2015-05698
BDU:2015-05699
BDU:2015-05700
BDU:2015-05701
BDU:2015-05702
BDU:2015-05703
BDU:2015-05704
BDU:2015-05705
BDU:2015-05706
BDU:2015-05707
BDU:2015-05708
BDU:2015-05709
BDU:2015-05710
BDU:2015-05711
BDU:2015-05712
BDU:2015-05713
BDU:2015-05714
BDU:2015-05715
BDU:2015-05716
BDU:2015-05717
BDU:2015-05718
BDU:2015-05719
BDU:2015-05720
BDU:2015-05721
BDU:2015-05722
BDU:2015-05723
BDU:2015-05724
BDU:2015-05725
BDU:2015-05726
BDU:2015-05727
BDU:2015-05728
BDU:2015-05729
BDU:2015-05730
BDU:2015-05731
BDU:2015-05732
BDU:2015-05733
BDU:2015-05734
BDU:2015-05735
BDU:2015-05736
BDU:2015-05737
BDU:2015-05738
BDU:2015-05739
BDU:2015-05740
BDU:2015-05741
BDU:2015-05742
BDU:2015-05743
BDU:2015-05744
BDU:2015-05745
BDU:2015-05746
BDU:2015-05747
BDU:2015-05748
BDU:2015-05749
BDU:2015-05750
BDU:2015-05751
BDU:2015-05752
BDU:2015-05753
BDU:2015-05754
BDU:2015-05755
BDU:2015-05756
BDU:2015-05757
BDU:2015-05758
BDU:2015-05759
BDU:2015-05760
BDU:2015-05761
BDU:2015-05762
BDU:2015-05763
BDU:2015-05764
BDU:2015-05765
BDU:2015-05766
BDU:2015-05767
BDU:2015-05768
BDU:2015-05769
BDU:2015-05770
BDU:2015-05771
BDU:2015-05772
BDU:2015-05773
BDU:2015-05774
BDU:2015-05775
BDU:2015-05776
BDU:2015-05777
BDU:2015-05778
BDU:2015-05779
BDU:2015-05780
BDU:2015-05781
BDU:2015-05782
BDU:2015-05783
BDU:2015-05784
BDU:2015-05785
BDU:2015-05786
BDU:2015-05787
BDU:2015-05788
BDU:2015-05789
BDU:2015-05790
BDU:2015-05791
BDU:2015-05792
BDU:2015-05793
BDU:2015-05794
BDU:2015-05795
BDU:2015-05796
BDU:2015-05797
BDU:2015-05798
BDU:2015-05799
BDU:2015-05800
BDU:2015-05801
BDU:2015-05802
BDU:2015-05803
BDU:2015-05804
BDU:2015-05805
BDU:2015-05806
BDU:2015-05807
BDU:2015-05808
BDU:2015-05809
BDU:2015-05810
BDU:2015-05811
BDU:2015-05812
BDU:2015-05813
BDU:2015-05814
BDU:2015-05815
BDU:2015-05816
BDU:2015-05817
BDU:2015-05818
BDU:2015-05819
BDU:2015-05820
BDU:2015-05821
BDU:2015-05822
BDU:2015-05823
BDU:2015-05824
BDU:2015-05825
BDU:2015-05826
BDU:2015-05827
BDU:2015-05828
BDU:2015-05829
BDU:2015-05830
BDU:2015-05831
BDU:2015-05832
BDU:2015-05833
BDU:2015-05834
BDU:2015-05835
BDU:2015-05836
BDU:2015-05837
BDU:2015-05838
BDU:2015-05839
BDU:2015-05840
BDU:2015-05841
BDU:2015-05842
BDU:2015-05843
CESA-2015_0102
CVE-2014-4171
MGASA-2014-0316
MGASA-2014-0318
MGASA-2014-0330
MGASA-2014-0331
MGASA-2014-0332
MGASA-2014-0336
MGASA-2014-0337
MGASA-2015-0077
OPENSUSE-SU-2014_0957-1
OPENSUSE-SU-2014_0985-1
OPENSUSE-SU-2014_1669-1
OPENSUSE-SU-2014_1677-1
RHSA-2014:1318
RHSA-2015:0102
RHSA-2015_0102
SUSE-RU-2015:0621-1
SUSE-SU-2015:0581-1
SUSE-SU-2015:0736-1
SUSE-SU-2015:1174-1
SUSE-SU-2015:1376-1
USN-2334-1
USN-2335-1
USN-2336-1
USN-2337-1

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu