4.7

CVE-2015-4167

The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.

Data is provided by the National Vulnerability Database (NVD)
DebianDebian Linux Version7.0
LinuxLinux Kernel Version <= 3.19
CanonicalUbuntu Linux Version12.04 SwEditionlts
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.05% 0.134
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.7 3.4 6.9
AV:L/AC:M/Au:N/C:N/I:N/A:C