Published: 24/03/2014 Updated: 07/11/2023

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

VMScore: 419

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel prior to 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Several security issues were fixed in the kernel ...

A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS) A local, unprivileged user could use this flaw to crash the system ...

CWE-476 https://github.com/torvalds/linux/commit/c2349758acf1874e4c2b93fe41d072336f1a31d0 http://www.openwall.com/lists/oss-security/2014/03/20/14 https://bugzilla.redhat.com/show_bug.cgi?id=1079214 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8 http://www.securityfocus.com/bid/66351 http://secunia.com/advisories/59386 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c2349758acf1874e4c2b93fe41d072336f1a31d0 https://nvd.nist.gov https://usn.ubuntu.com/2135-1/https://access.redhat.com/security/cve/cve-2013-7339

CVE-2013-7339

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect