CVE-2014-2678

2014-04-0106:35:53

CWE-476

[email protected]

web.nvd.nist.gov

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.004

Percentile

73.9%

JSON

The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤3.14

Node

fedoraprojectfedoraMatch20

Node

oraclelinuxMatch5-

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
fedoraprojectfedora20cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
oraclelinux5cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
fedoraproject	fedora	20	cpe:2.3:o:fedoraproject:fedora:20:::::::*
oracle	linux	5	cpe:2.3:o:oracle:linux:5:-::::::