Lucene search

K
ubuntucveUbuntu.comUB:CVE-2014-9420
HistoryDec 25, 2014 - 12:00 a.m.

CVE-2014-9420

2014-12-2500:00:00
ubuntu.com
ubuntu.com
19

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.5%

The rock_continue function in fs/isofs/rock.c in the Linux kernel through
3.18.1 does not restrict the number of Rock Ridge continuation entries,
which allows local users to cause a denial of service (infinite loop, and
system crash or hang) via a crafted iso9660 image.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchlinux<Β 2.6.32-72.139UNKNOWN
ubuntu12.04noarchlinux<Β 3.2.0-76.111UNKNOWN
ubuntu14.04noarchlinux<Β 3.13.0-46.75UNKNOWN
ubuntu14.10noarchlinux<Β 3.16.0-31.41UNKNOWN
ubuntu12.04noarchlinux-armadaxp<Β 3.2.0-1644.63UNKNOWN
ubuntu10.04noarchlinux-ec2<Β 2.6.32-375.92UNKNOWN
ubuntu12.04noarchlinux-lts-trusty<Β 3.13.0-46.75~precise1UNKNOWN
ubuntu14.04noarchlinux-lts-utopic<Β 3.16.0-31.41~14.04.1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4<Β 3.2.0-1459.79UNKNOWN

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.5%