QwikSec

Security Database

CVE

CWE

Training

CVE-2014-2309

Published: Mar 11, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=c88507fbad8055297c1d1e21e599f46960cbee39

x_refsource_CONFIRM

[oss-security] 20140307 Re: CVE Request: Linux kernel: IPv6: crash due to router advertisement flooding

mailing-list

x_refsource_MLIST

SUSE-SU-2015:0481

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2015:0566

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.