CVE-2014-6410
kernel: udf: Avoid infinite loop when processing indirect ICBs
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode.
La función __udf_read_inode en fs/udf/inode.c en el kernel de Linux hasta 3.16.3 no restringe la cantidad de indirección ICB, lo que permite a atacantes físicamente próximos causar una denegación de servicio (bucle infinito o consumo de la pila) a través de un sistema de ficheros UDF con un inodo manipulado.
A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format (UDF) file system implementation processed indirect Information Control Blocks (ICBs). An attacker with physical access to the system could use a specially crafted UDF image to crash the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-09-15 CVE Reserved
- 2014-09-28 CVE Published
- 2023-11-08 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-399: Resource Management Errors
- CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CAPEC
References (17)
URL | Tag | Source |
---|---|---|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c03aa9f6e1f938618e6db2e23afef0574efeeb65 | X_refsource_confirm | |
http://www.openwall.com/lists/oss-security/2014/09/15/9 | Mailing List | |
http://www.securityfocus.com/bid/69799 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://github.com/torvalds/linux/commit/c03aa9f6e1f938618e6db2e23afef0574efeeb65 | 2024-08-06 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html | 2023-11-07 | |
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html | 2023-11-07 | |
http://marc.info/?l=bugtraq&m=142722450701342&w=2 | 2023-11-07 | |
http://marc.info/?l=bugtraq&m=142722544401658&w=2 | 2023-11-07 | |
http://rhn.redhat.com/errata/RHSA-2014-1318.html | 2023-11-07 | |
http://www.ubuntu.com/usn/USN-2374-1 | 2023-11-07 | |
http://www.ubuntu.com/usn/USN-2375-1 | 2023-11-07 | |
http://www.ubuntu.com/usn/USN-2376-1 | 2023-11-07 | |
http://www.ubuntu.com/usn/USN-2377-1 | 2023-11-07 | |
http://www.ubuntu.com/usn/USN-2378-1 | 2023-11-07 | |
http://www.ubuntu.com/usn/USN-2379-1 | 2023-11-07 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1141809 | 2014-12-16 | |
https://access.redhat.com/security/cve/CVE-2014-6410 | 2014-12-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 3.16.3 Search vendor "Linux" for product "Linux Kernel" and version " <= 3.16.3" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.16.0 Search vendor "Linux" for product "Linux Kernel" and version "3.16.0" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.16.1 Search vendor "Linux" for product "Linux Kernel" and version "3.16.1" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.16.2 Search vendor "Linux" for product "Linux Kernel" and version "3.16.2" | - |
Affected
|