CVE-2014-8086

Name	CVE-2014-8086
Description	Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
linux (PTS)	buster	4.19.249-2	fixed
	buster (security)	4.19.269-1	fixed
	bullseye	5.10.158-2	fixed
	bullseye (security)	5.10.162-1	fixed
	bookworm	6.1.15-1	fixed
	sid	6.1.20-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version
linux	source	wheezy	(not affected)
linux	source	(unstable)	3.16.7-ckt2-1
linux-2.6	source	(unstable)	(not affected)

Notes

[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
http://www.spinics.net/lists/linux-ext4/msg45683.html