|Date: (C)2009-06-07 (M)2015-12-16|
|CVSS Score: 1.9||Access Vector: LOCAL|
|Exploitability Subscore: 3.4||Access Complexity: MEDIUM|
|Impact Subscore: 2.9||Authentication: NONE|
| ||Confidentiality: NONE|
| ||Integrity: NONE|
| ||Availability: PARTIAL|
The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 18.104.22.168, 2.6.29 before 22.214.171.124, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.