Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-9731

Опубликовано: 31 авг. 2015
Источник: debian

Описание

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed3.16.7-ckt4-1package
linuxfixed3.2.68-1wheezypackage
linux-2.6removedpackage

Примечания

  • Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14 (v3.19-rc3)

  • https://www.openwall.com/lists/oss-security/2015/06/03/4

Связанные уязвимости

ubuntu логотип

CVE-2014-9731

ubuntu
больше 10 лет назад

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.

redhat логотип

CVE-2014-9731

redhat
около 11 лет назад

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.

nvd логотип

CVE-2014-9731

nvd
больше 10 лет назад

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.

github логотип

GHSA-x393-p4mh-m9f2

github
больше 3 лет назад

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.

suse-cvrf логотип

SUSE-SU-2015:1324-1

suse-cvrf
больше 10 лет назад

Security update for the SUSE Linux Enterprise 12 kernel