Re: CVE Request: Linux Kernel unbound recursion in ISOFS

[cve-assign () mitre org]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> https://code.google.com/p/google-security-research/issues/detail?id=88

> - recurse.iso: crashes / reboots a kernel due to kernel stack overflow / corruption.

Use CVE-2014-5471.


> - deadlock.iso: causes a deadlock in the mount process in "inode_wait"

Use CVE-2014-5472.


> https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4

> We did not check relocated directory in any way when processing Rock
> Ridge 'CL' tag.

There are the two CVE IDs above, instead of one CVE ID for "did not
check ... in any way."

CVE-2014-5471 is about the need for code to prevent unchecked
recursion (CWE-674), whereas CVE-2014-5472 is not about CWE-674. On
some systems, CVE-2014-5472 might have only a minor security impact by
enabling a user to start an unkillable process (i.e., it would be
minor if there were a low limit on the number of processes the user is
allowed to start).

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJT/WhZAAoJEKllVAevmvmskWYH/2YTlXYpcG5AgNusDLxCEdqs
r+1qOetYYD2VhLr3LqcI0gDAU26V2sNcCej1h4wiVx4q83yN95ZleCYOEEzy99OG
vjQQp/bnhcL1++UJEZvnxvSXbUw8sOcLky60GEHQ6F+MICZcCAUKShtOn0meeQgr
Cke9dXw8pcXFmt7N8R+ztdpot4pxPKUVNmiNNhKC6q9yIQQ+rDVnYD+81+l5vMD3
fpFunsqUclRczEBoh5ptyZ89mNFUytlz1R1gFxN/3fkseFfxybVpBKL3XW364USj
ett5kJxt/jI2yam7rP/eAV166EtjenBNgS6q6boFO8GiyM6OsUYVsYBIUEhuB24=
=R3U4
-----END PGP SIGNATURE-----