Buffer over-read vulnerability in UDF filesystem implementation in Linux kernel before 3.18.2

Buffer over-read vulnerability in UDF filesystem implementation in Linux kernel before 3.18.2

CVE-2014-9728 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.