Red Hat Bugzilla – Bug 1314275
CVE-2015-8830 kernel: AIO write triggers integer overflow in some protocols
Last modified: 2017-01-25 13:57:21 EST
It was found that AIO interface permitted reading or writing 2 GiB of data or more in a single chunk, which could lead to an integer overflow when applied to certain filesystems, socket or device types.
CVE-ID request and assignment:
This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, as the related AIO vector code is not present in this product.
This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.