VDB
CVE-2016-8660
CVE-2016-8660
PUBLISHED
The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data implementation."
EPSS 0.11% · 28.9th percentile
Risk Scores
EPSS Score
0.11%
28.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:22.04:LTS | linux-oem-6.5 | 6.5.0-1023.24, 6.5.0-1024.25, 6.5.0-1025.26 |
| Ubuntu:Pro:16.04:LTS | linux-kvm | 4.4.0-1079.86, 4.4.0-1082.91, 4.4.0-1084.93 |
| Ubuntu:24.04:LTS | linux-hwe-6.11 | 6.11.0-28.28~24.04.1, 6.11.0-29.29~24.04.1, * |
| Ubuntu:22.04:LTS | linux-aws-6.2 | 6.2.0-1014.14~22.04.1, 6.2.0-1010.10~22.04.1, 6.2.0-1011.11~22.04.1 |
| Ubuntu:24.04:LTS | linux-hwe-6.14 | 0, 6.14.0-32.32~24.04.1, * |
| Ubuntu:Pro:Realtime:22.04:LTS | linux-realtime | 5.15.0-1083.92, 5.15.0-1081.89, 5.15.0-1080.88 |
| Ubuntu:Pro:18.04:LTS | linux-azure-4.15 | 0, 4.15.0-1095.105, 4.15.0-1109.121 |
| Ubuntu:18.04:LTS | linux-gcp-5.3 | 5.3.0-1030.32~18.04.1, *, * |
| Ubuntu:Pro:FIPS:18.04:LTS | linux-aws-fips | 4.15.0-2000.4, 0 |
| Ubuntu:Pro:FIPS-updates:22.04:LTS | linux-gcp-fips | 5.15.0-1048.56+fips1, 5.15.0-1073.81+fips1, 5.15.0-1072.80+fips1 |
| Ubuntu:22.04:LTS | linux-gcp | 5.15.0-1086.95, 5.15.0-1085.94, 5.15.0-1084.93 |
| Ubuntu:22.04:LTS | linux-lowlatency | 5.15.0-35.36, 5.15.0-101.111, 5.15.0-92.102 |
| Ubuntu:20.04:LTS | linux-azure-5.11 | 5.11.0-1013.14~20.04.1, 5.11.0-1023.24~20.04.1, 5.11.0-1025.27~20.04.1 |
| Ubuntu:22.04:LTS | linux-oracle-6.5 | 6.5.0-1024.24~22.04.1, 6.5.0-1027.27~22.04.1, * |
| Ubuntu:20.04:LTS | linux-aws-5.11 | 5.11.0-1014.15~20.04.1, 5.11.0-1017.18~20.04.1, 5.11.0-1019.20~20.04.1 |
| Ubuntu:22.04:LTS | linux-riscv-5.19 | *, *, 5.19.0-1019.21~22.04.1 |
| Ubuntu:24.04:LTS | linux-azure-nvidia | 6.8.0-1025.27, 6.8.0-1022.23, 6.8.0-1016.17 |
| Ubuntu:Pro:20.04:LTS | linux-ibm | 5.4.0-1054.59, 5.4.0-1053.58, 5.4.0-1052.57 |
| Ubuntu:Pro:FIPS-updates:24.04:LTS | linux-aws-fips | *, 6.8.0-1045.47+fips1, 6.8.0-1046.49+fips1 |
| Ubuntu:24.04:LTS | linux-oem-6.14 | 6.14.0-1014.14, 6.14.0-1015.15, 6.14.0-1017.17 |
…and 219 more
Timeline
- Oct 16, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2016-8660 third-party-advisory
- http://www.openwall.com/lists/oss-security/2016/10/13/8 third-party-advisory
- https://marc.info/?l=linux-xfs&m=149498118228320&w=2 third-party-advisory
- https://marc.info/?l=linux-fsdevel&m=147639177409294&w=2 third-party-advisory
- https://lore.kernel.org/linux-xfs/895314622.769515.1476375930648.JavaMail.zimbra@redhat.com/ third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2016-8660 third-party-advisory