Lucene search

K
nvd[email protected]NVD:CVE-2014-5471
HistorySep 01, 2014 - 1:55 a.m.

CVE-2014-5471

2014-09-0101:55:28
CWE-399
web.nvd.nist.gov
5

CVSS2

4

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:N/I:N/A:C

AI Score

7

Confidence

High

EPSS

0

Percentile

10.1%

Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry.

Affected configurations

Nvd
Node
linuxlinux_kernelRange3.16.1
OR
linuxlinux_kernelMatch3.16.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel3.16.0cpe:2.3:o:linux:linux_kernel:3.16.0:*:*:*:*:*:*:*

References

CVSS2

4

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:N/I:N/A:C

AI Score

7

Confidence

High

EPSS

0

Percentile

10.1%