CVE-2015-4167

2015-08-05 20:59:00 2016-12-22 03:59:51

The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.

Vector

LOCAL

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Linux Kernel 3.19 Canonical Ubuntu Linux 12.04 LTS Debian Linux 7.0

Linux - Linux kernel Canonical - Ubuntu linux Debian - Debian linux

Advisory	Patch	Confirmed	Link
			USN-2631-1
			74963
			[oss-security] 20150602 CVE request Linux kernel: fs: ud...
			http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3....
			DSA-3290
			DSA-3313
			SUSE-SU-2015:1324
			openSUSE-SU-2015:1382
			SUSE-SU-2015:1592
			SUSE-SU-2015:1611
			1033187
			http://git.kernel.org/cgit/linux/kernel/git/torvalds/lin...
			USN-2632-1
			https://bugzilla.redhat.com/show_bug.cgi?id=1228204
			https://github.com/torvalds/linux/commit/23b133bdc452aa4...

CVE-2015-4167

2015-08-05 20:59:00 2016-12-22 03:59:51

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)