Denial of Service Vulnerability in Linux Kernel's __do_follow_link Function

Denial of Service Vulnerability in Linux Kernel's __do_follow_link Function

CVE-2014-0203 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.