Linux Kernel IPv6 Router Advertisement Processing Flaw Lets Remote Users Deny Service
|
SecurityTracker Alert ID: 1029894 |
SecurityTracker URL: http://securitytracker.com/id/1029894
|
CVE Reference:
CVE-2014-2309
(Links to External Site)
|
Date: Mar 11 2014
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 3.x
|
Description:
A vulnerability was reported in the Linux Kernel. A remote user on the local network can cause denial of service conditions.
A remote user on the local network can send specially crafted IPv6 router advertisement packets to cause the target kernel to crash.
Systems built with IPv6 protocol support (CONFIG_IPv6) and configured with IPv6 temporary addresses enabled are affected.
|
Impact:
A remote user on the local network can cause the target system to crash.
|
Solution:
The vendor has issued a source code fix, available at:
https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=c88507fbad8055297c1d1e21e599f46960cbee39
|
Vendor URL: www.kernel.org/ (Links to External Site)
|
Cause:
Resource error
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|