Unrestricted ICB Indirection in Linux Kernel Allows Denial of Service
CVE-2014-6410 · MEDIUM Severity
AV:L/AC:M/AU:N/C:N/I:N/A:C
The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.