Lucene search

K
ubuntucveUbuntu.comUB:CVE-2014-9730
HistoryDec 31, 2014 - 12:00 a.m.

CVE-2014-9730

2014-12-3100:00:00
ubuntu.com
ubuntu.com
13

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before
3.18.2 relies on component lengths that are unused, which allows local
users to cause a denial of service (system crash) via a crafted UDF
filesystem image.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchlinux< 3.2.0-79.115UNKNOWN
ubuntu14.04noarchlinux< 3.13.0-48.80UNKNOWN
ubuntu14.10noarchlinux< 3.16.0-31.41UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1647.66UNKNOWN
ubuntu12.04noarchlinux-lts-trusty< 3.13.0-48.80~precise1UNKNOWN
ubuntu14.04noarchlinux-lts-utopic< 3.16.0-31.41~14.04.1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4< 3.2.0-1461.81UNKNOWN

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%