Vigil@nce - Linux kernel: infinite loop of __udf_read_inode
September 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can mount an UDF file system, to generate a large
recursion in __udf_read_inode(), in order to trigger a denial of
service of the Linux kernel.
Impacted products: Linux
Severity: 1/4
Creation date: 15/09/2014
DESCRIPTION OF THE VULNERABILITY
The Linux kernel supports UDF file systems.
However, the __udf_read_inode() function of the fs/udf/inode.c
file does not limit the number of ICB, which triggers an unlimited
recursive call.
An attacker can therefore mount an UDF file system, to generate a
large recursion in __udf_read_inode(), in order to trigger a
denial of service of the Linux kernel.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-infinite-loop-of-udf-read-inode-15353