vulnerability
Oracle Linux: CVE-2017-18204: ELSA-2019-4532: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Nov 15, 2017 | Feb 7, 2019 | Jan 23, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Nov 15, 2017
Added
Feb 7, 2019
Modified
Jan 23, 2025
Description
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
The Linux kernel, before version 4.14.2, is vulnerable to a deadlock caused by fs/ocfs2/file.c:ocfs2_setattr(), as the function does not wait for DIO requests before locking the inode. This can be exploited by local users to cause a subsequent denial of service.
The Linux kernel, before version 4.14.2, is vulnerable to a deadlock caused by fs/ocfs2/file.c:ocfs2_setattr(), as the function does not wait for DIO requests before locking the inode. This can be exploited by local users to cause a subsequent denial of service.
Solution
oracle-linux-upgrade-kernel-uek

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.