Race condition vulnerability in fs/ocfs2/aops.c in Linux kernel before 4.15 allows local users to cause denial of service
CVE-2017-18224 · LOW Severity
AV:L/AC:M/AU:N/C:N/I:N/A:P
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.