CVE-2014-7822
Linux Kernel 3.13/3.14 (Ubuntu) - 'splice()' System Call Local Denial of Service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem.
La implementación de ciertas operaciones de archivo splice_write en el kernel de Linux anterior a 3.16 no fuerza una restricción en el tamaño máximo de un archivo, lo que permite a usaurios locales causar una denegación de servicio (caída del sistema) o la posibilidad de tener otro impacto no especificado a través de llamadas anidadas al sistema modificadas, como se ha demostrado mediante el uso de un archivo descriptor asociado con sistemas de ficheros ext4.
A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-10-03 CVE Reserved
- 2015-01-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (22)
URL | Tag | Source |
---|---|---|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d0207652cbe27d1f962050737848e5ad4671958 | X_refsource_confirm | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | X_refsource_confirm | |
http://www.osvdb.org/117810 | Vdb Entry | |
http://www.securityfocus.com/bid/72347 | Vdb Entry | |
https://github.com/torvalds/linux/commit/8d0207652cbe27d1f962050737848e5ad4671958 | X_refsource_confirm |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/36743 | 2024-08-06 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 3.15.8 Search vendor "Linux" for product "Linux Kernel" and version " <= 3.15.8" | - |
Affected
|