CVE-2015-8839

CVSS v3.1 5.1 (Medium)

CVSS v2.0 1.9 (Low)

EPSS 0.14 % (51^th)

Affected Products 2

Advisories 9

Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized hole punching and page-fault handling.

Weaknesses

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2016-05-02 10:59:22
(8 years ago)
Updated Date: 2020-10-02 14:56:08
(4 years ago)

Affected Products

Canonical

Ubuntu Linux

Linux

Linux Kernel

Configuration #1

	CPE23	Up To
Linux Kernel 4.4.221 and prior versions	cpe:2.3:o:linux:linux_kernel	<= 4.4.221
Linux Kernel 4.5 Rc1	cpe:2.3:o:linux:linux_kernel:4.5:rc1
Linux Kernel 4.5 Rc2	cpe:2.3:o:linux:linux_kernel:4.5:rc2
Linux Kernel 4.5 Rc3	cpe:2.3:o:linux:linux_kernel:4.5:rc3
Linux Kernel 4.5 Rc4	cpe:2.3:o:linux:linux_kernel:4.5:rc4
Linux Kernel 4.5 Rc5	cpe:2.3:o:linux:linux_kernel:4.5:rc5
Linux Kernel 4.5 Rc6	cpe:2.3:o:linux:linux_kernel:4.5:rc6
Linux Kernel 4.5 Rc7	cpe:2.3:o:linux:linux_kernel:4.5:rc7

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts