oss-sec mailing list archives
Re: CVE request Linux kernel: fs: udf heap overflow in __udf_adinicb_readpage
From: cve-assign () mitre org
Date: Wed, 3 Jun 2015 14:01:25 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Linux kernel built with the UDF file system(CONFIG_UDF_FS) support is vulnerable to a crash. It could occur while reading from a corrupted/malicious udf file system image. An unprivileged user could use this flaw to crash the kernel resulting in DoS. Upstream fixes: --------------- -> https://git.kernel.org/linus/e159332b9af4b04d882dbcfe1bb0117f0a6d4b58 -> https://git.kernel.org/linus/e237ec37ec154564f8690c5bd1795339955eeef9 -> https://git.kernel.org/linus/a1d47b262952a45aae62bd49cfaf33dd76c11a2c
We feel that this is best covered by three CVE IDs, although not with a one-to-one mapping. The "length can be too long" problems addressed in all three commits are assigned CVE-2014-9728. e159332b9af4b04d882dbcfe1bb0117f0a6d4b58 is also about a separate data-structure consistency issue (the "iinfo->i_lenAlloc != inode->i_size" issue): this is assigned CVE-2014-9729. Finally, e237ec37ec154564f8690c5bd1795339955eeef9 is also about a separate state-identification issue ("properly ignore component length for component types that do not use it"): this is assigned CVE-2014-9730. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVb0ALAAoJEKllVAevmvmsOIAIAMI+XxEFI9Kv13jINfdgBMwR jVgVlsl6ySo75fKDFAraEY6tUcLrm/01nP8iwCidDEt9HfBgToyut7V/1VZU57aK S68LRGXfhjD8jSNzTP7pmJXY4PPE5R/9gmVQ+Yu4QKNPsrpJHl4O813T3qrYRKtM hzinIacPhjoWkktra1QMWQBCOCfdP9Sz6fYRc+bTylgIz4sAzm2ftGIo+c1dvT5b fPS1WqdiUWj9nxjEf/gaLqaYo6Aj2jNicS8vhl2VU/vMOswumf2A+kkM0xUsfS1B vwoQ6Ebsa5fkPQ/rGg1nCHaT4jYMCF6o/R/SqyMx+4Jgv5euRwVZchOoenUzWTA= =Glix -----END PGP SIGNATURE-----
Current thread:
- CVE request Linux kernel: fs: udf heap overflow in __udf_adinicb_readpage P J P (Jun 02)
- Re: CVE request Linux kernel: fs: udf heap overflow in __udf_adinicb_readpage cve-assign (Jun 03)