Return to CVE list

CVE-2014-7207

4.9
Medium

CVE-2014-7207

security@debian.org
Modified
View on MITREFind on GitHub

Description

A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

security@debian.org
http://www.debian.org/security/2014/dsa-3060
security@debian.org
http://www.openwall.com/lists/oss-security/2014/11/02/1
security@debian.org
http://www.securityfocus.com/bid/70867
security@debian.org
http://www.ubuntu.com/usn/USN-2417-1
security@debian.org
http://www.ubuntu.com/usn/USN-2418-1
security@debian.org
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766195
af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2014/dsa-3060
af854a3a-2127-422b-91ae-364da2661108
http://www.openwall.com/lists/oss-security/2014/11/02/1
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/70867
af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-2417-1
af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-2418-1
af854a3a-2127-422b-91ae-364da2661108
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766195