Lucene search

K
cvelistRedhatCVELIST:CVE-2017-7495
HistoryMay 15, 2017 - 6:00 p.m.

CVE-2017-7495

2017-05-1518:00:00
redhat
www.cve.org

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users’ files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write system calls, and reading this file.

CNA Affected

[
  {
    "product": "Linux kernel before 4.6.2",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Linux kernel before 4.6.2"
      }
    ]
  }
]