Buffer over-read vulnerability in UDF filesystem implementation in Linux kernel before 3.18.2
CVE-2014-9728 · MEDIUM Severity
AV:L/AC:L/AU:N/C:N/I:N/A:C
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.