The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows malicious users to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 2.6.14 |
||
linux linux kernel 2.6.14.1 |
||
linux linux kernel 2.6.14.2 |
||
linux linux kernel 2.6.14.3 |