PT-2014-6495 · Linux+5 · Linux Kernel+5

Chris Evans · Published 2014-08-31 · Updated 2017-09-08 · CVE-2014-5471

CVSS v2.0: 4.0 (Medium)

Vector: AV:L/AC:H/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 3.16.1

Description
The issue is a stack consumption problem in the parse_rock_ridge_inode_internal function that allows local users to cause a denial of service through crafted iso9660 images. Parsing such an image can lead to uncontrolled recursion and potentially cause a system crash or reboot.

Recommendations
For Linux kernel versions prior to 3.16.1, update to version 3.16.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of iso9660 images to minimize the risk of exploitation.

Exploit

Fix

DoS


Weakness Enumeration

Related identifiers

ALT-PU-2014-2106
ALT-PU-2015-1794
CESA-2014_1997
CESA-2015_0102
CVE-2014-5471
DLA-103-1
OPENSUSE-SU-2014_1669-1
OPENSUSE-SU-2014_1677-1
RHSA-2014:1318
RHSA-2014:1997
RHSA-2014_1997
RHSA-2015:0102
RHSA-2015:0695
RHSA-2015:0782
RHSA-2015:0803
RHSA-2015_0102
SUSE-RU-2015:0621-1
SUSE-SU-2015:0481-1
SUSE-SU-2015:0581-1
SUSE-SU-2015:0736-1
SUSE-SU-2015:1174-1
SUSE-SU-2015:1376-1
USN-2354-1
USN-2355-1
USN-2356-1
USN-2357-1
USN-2358-1
USN-2359-1

Affected products

Alt Linux
CentOS
Linux Kernel
Red Hat
SUSE
Ubuntu