Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 26 Aug 2014 10:33:08 +0200
From: Marcus Meissner <>
To: OSS Security List <>
Subject: CVE Request: Linux Kernel unbound recursion in ISOFS


>From the google security research team:

fixed in
commit 410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
Author: Jan Kara <>
Date:   Sun Aug 17 11:49:57 2014 +0200

    isofs: Fix unbounded recursion when processing relocated directories

    We did not check relocated directory in any way when processing Rock
    Ridge 'CL' tag. Thus a corrupted isofs image can possibly have a CL
    entry pointing to another CL entry leading to possibly unbounded
    recursion in kernel code and thus stack overflow or deadlocks (if there
    is a loop created from CL entries).

    Fix the problem by not allowing CL entry to point to a directory entry
    with CL entry (such use makes no good sense anyway) and by checking
    whether CL entry doesn't point to itself.

    Reported-by: Chris Evans <>
    Signed-off-by: Jan Kara <>

This still needs a CVE.

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ