vulnerability
Oracle Linux: CVE-2015-8952: ELSA-2017-3533: Unbreakable Enterprise kernel security update (IMPORTANT)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:N/I:N/A:P) | Aug 22, 2016 | Apr 4, 2017 | Dec 3, 2025 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:P)
Published
Aug 22, 2016
Added
Apr 4, 2017
Modified
Dec 3, 2025
Description
The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba.
A design flaw was found in the file extended attribute handling of the Linux kernel's handling of cached attributes. Too many entries in the cache cause a soft lockup while attempting to iterate the cache and access relevant locks.
A design flaw was found in the file extended attribute handling of the Linux kernel's handling of cached attributes. Too many entries in the cache cause a soft lockup while attempting to iterate the cache and access relevant locks.
Solution
oracle-linux-upgrade-kernel-uek
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.