PT-2014-9004 · Alt+6 · Alt Linux+5

P J P

·

Publicado

2014-12-25

·

Atualizado

2023-02-13

·

CVE-2014-9420

CVSS v2.0

4.9

Média

VetorAV:L/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.18.1 ALT Linux (affected versions not specified)
Description The issue is related to the rock continue function in fs/isofs/rock.c, which does not properly restrict the number of Rock Ridge continuation entries. This allows local users to cause a denial of service, potentially leading to an infinite loop, and system crash or hang, via a crafted iso9660 image.
Recommendations For Linux kernel versions prior to 3.18.1, update to version 3.18.1 or later to resolve the issue. For ALT Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

ALT-PU-2015-1018
ALT-PU-2015-1794
CESA-2015_1081
CESA-2015_1137
CVE-2014-9420
DLA-155-1
MGASA-2015-0006
MGASA-2015-0075
MGASA-2015-0076
MGASA-2015-0077
MGASA-2015-0078
OPENSUSE-SU-2015_0713-1
OPENSUSE-SU-2015_0714-1
RHSA-2015:1081
RHSA-2015:1137
RHSA-2015:1138
RHSA-2015:1139
RHSA-2015_1081
RHSA-2015_1137
RHSA-2015_1139
SUSE-RU-2015:0621-1
SUSE-SU-2015:0581-1
SUSE-SU-2015:0652-1
SUSE-SU-2015:0736-1
SUSE-SU-2015:1174-1
SUSE-SU-2015:1376-1
USN-2490-1
USN-2491-1
USN-2492-1
USN-2493-1
USN-2515-1
USN-2516-1
USN-2516-2
USN-2516-3
USN-2517-1
USN-2518-1

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu