PT-2014-6496 · Linux+5 · Linux Kernel+5

Chris Evans · Published 2014-08-31 · Updated 2017-09-08 · CVE-2014-5472

CVSS v2.0: 4.0 (Medium)

Vector: AV:L/AC:H/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 3.16.1

Description

The issue allows local users to cause a denial of service, resulting in an unkillable mount process. It is triggered by a crafted iso9660 image with a self-referential CL entry and affects the parse_rock_ridge_inode_internal function in fs/isofs/rock.c.

Recommendations

For versions prior to 3.16.1, update to version 3.16.1 or later to resolve the issue.

Exploit

Fix

DoS

RCE


Weakness Enumeration

Related identifiers

ALT-PU-2014-2106
ALT-PU-2015-1794
CESA-2014_1997
CESA-2015_0102
CVE-2014-5472
DLA-103-1
OPENSUSE-SU-2014_1669-1
OPENSUSE-SU-2014_1677-1
RHSA-2014:1318
RHSA-2014:1997
RHSA-2014_1997
RHSA-2015:0102
RHSA-2015:0695
RHSA-2015:0782
RHSA-2015:0803
RHSA-2015_0102
SUSE-RU-2015:0621-1
SUSE-SU-2015:0481-1
SUSE-SU-2015:0581-1
SUSE-SU-2015:0736-1
SUSE-SU-2015:1174-1
SUSE-SU-2015:1376-1
USN-2354-1
USN-2355-1
USN-2356-1
USN-2357-1
USN-2358-1
USN-2359-1

Affected products

Alt Linux
CentOS
Linux Kernel
Red Hat
SUSE
Ubuntu