Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c. References: https://www.openwall.com/lists/oss-security/2015/09/22/10 https://sourceforge.net/p/aufs/mailman/message/34449209/
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1867451]
This was fixed upstream in 2012 and has not been an issue in any currently supported Fedora release.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2015-7312