4

CVE-2014-5471

Exploit
Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 3.16.1
LinuxLinux Kernel Version3.16.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.51% 0.391
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 1.9 6.9
AV:L/AC:H/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
http://rhn.redhat.com/errata/RHSA-2015-0695.html
http://rhn.redhat.com/errata/RHSA-2015-0782.html
http://rhn.redhat.com/errata/RHSA-2015-0803.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
http://rhn.redhat.com/errata/RHSA-2014-1318.html
http://rhn.redhat.com/errata/RHSA-2015-0102.html
http://www.ubuntu.com/usn/USN-2358-1
http://www.ubuntu.com/usn/USN-2359-1
http://www.ubuntu.com/usn/USN-2356-1
http://www.ubuntu.com/usn/USN-2357-1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
http://marc.info/?l=bugtraq&m=142722450701342&w=2
http://marc.info/?l=bugtraq&m=142722544401658&w=2
http://seclists.org/oss-sec/2014/q3/450
http://www.openwall.com/lists/oss-security/2014/08/27/1
http://www.securityfocus.com/bid/69396
http://www.ubuntu.com/usn/USN-2354-1
http://www.ubuntu.com/usn/USN-2355-1
https://bugzilla.redhat.com/show_bug.cgi?id=1134099
https://code.google.com/p/google-security-research/issues/detail?id=88
https://exchange.xforce.ibmcloud.com/vulnerabilities/95481
https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
Patch
Exploit