Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471
Reference (s):
- BID:69396
- URL: http://www.securityfocus.com/bid/69396
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
- https://bugzilla.redhat.com/show_bug.cgi?id=1134099
- https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4