** Changed in: linux (Ubuntu Vivid)
Status: New => Invalid
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New => Invalid
** Description changed:
- isofs: unchecked printing of ER records
+ The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the
+ Linux kernel before 3.18.2 does not validate a length value in the
+ Extensions Reference (ER) System Use Field, which allows local users to
+ obtain sensitive information from kernel memory via a crafted iso9660
+ image.
Break-Fix: - 4e2024624e678f0ebb916e6192bd23c1f9fdf696
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1409808
Title:
CVE-2014-9584
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1409808/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
