CVE-2014-7207

2014-11-10T11:55:00
ID CVE-2014-7207
Type cve
Reporter cve@mitre.org
Modified 2014-12-24T03:00:00

Description

A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>