CVE-2014-9730
SUSE Security Advisory - SUSE-SU-2015:1611-1
Severity Score
5.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
Vulnerabilidad en la función udf_pc_to_char en fs/udfs/symlink.c en el kernel de Linux en versiones anteriores a 3.18.2, se basa en longitudes de componentes no utilizados, lo que permite a usuarios locales causar una denegación de servicio (caída del sistema) a través de una imagen de sistema de archivos UDF manipulada.
An update that solves 14 vulnerabilities and has 45 fixes is now available. The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bug fixes.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-06-03 CVE Reserved
- 2015-08-31 CVE Published
- 2024-08-06 CVE Updated
- 2025-05-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (11)
URL | Tag | Source |
---|---|---|
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9 | X_refsource_confirm | |
http://www.openwall.com/lists/oss-security/2015/06/02/7 | Mailing List |
|
http://www.securityfocus.com/bid/74964 | Vdb Entry | |
https://bugzilla.redhat.com/show_bug.cgi?id=1228229 | X_refsource_confirm | |
https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 3.18.1 Search vendor "Linux" for product "Linux Kernel" and version " <= 3.18.1" | - |
Affected
|