Bug 552738

Summary:	Kernel: DoS via unspecified use of Asynchronous I/O (AIO) operations (CVE-2014-8172)
Product:	Gentoo Security	Reporter:	GLSAMaker/CVETool Bot <glsamaker>
Component:	Kernel	Assignee:	Gentoo Kernel Security <security-kernel>
Status:	RESOLVED FIXED
Severity:	normal	CC:	kernel
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description GLSAMaker/CVETool Bot gentoo-dev

2015-06-21 13:38:06 UTC

CVE-2014-8172 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8172):
  The filesystem implementation in the Linux kernel before 3.13 performs
  certain operations on lists of files with an inappropriate locking approach,
  which allows local users to cause a denial of service (soft lockup or system
  crash) via unspecified use of Asynchronous I/O (AIO) operations.

Comment 1 John Helmert III archtester

2022-03-25 22:36:38 UTC

Fix in 3.13, https://github.com/torvalds/linux/commit/eee5cc2702929fd41cce28058dc6d6717f723f87