Published: 26/03/2014 Updated: 22/04/2019

CVSS v2 Base Score: 5.5 | Impact Score: 6.9 | Exploitability Score: 5.1

VMScore: 490

Vector: AV:A/AC:L/Au:S/C:N/I:N/A:C

The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package prior to 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host OS crash) via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat enterprise linux 6.0

The ip6_route_add function in net/ipv6/routec in the Linux kernel through 3136 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets drivers/vhost/netc in the Linux kernel before 31310, when mergeable buffers are disab ...

Several security issues were fixed in the kernel ...

NVD-CWE-noinfo https://bugzilla.redhat.com/show_bug.cgi?id=1062577 http://rhn.redhat.com/errata/RHSA-2014-0328.html http://rhn.redhat.com/errata/RHSA-2014-0339.html http://www.securityfocus.com/bid/66441 http://secunia.com/advisories/59386 https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2014-328.html https://usn.ubuntu.com/2225-1/

CVE-2014-0055

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect