4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.2%
The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312,
and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux
(RHEL) 5 and 6, does not properly remove POSIX locks on files that are
setgid without group-execute permission, which allows local users to cause
a denial of service (BUG and system crash) by locking a file on a (1) GFS
or (2) GFS2 filesystem, and then changing this file’s permissions.