7.8

CVE-2014-3535

Exploit
include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 2.6.35.13
LinuxLinux Kernel Version2.6.35
LinuxLinux Kernel Version2.6.35 Updaterc1
LinuxLinux Kernel Version2.6.35 Updaterc2
LinuxLinux Kernel Version2.6.35 Updaterc3
LinuxLinux Kernel Version2.6.35 Updaterc4
LinuxLinux Kernel Version2.6.35 Updaterc5
LinuxLinux Kernel Version2.6.35 Updaterc6
LinuxLinux Kernel Version2.6.35.1
LinuxLinux Kernel Version2.6.35.2
LinuxLinux Kernel Version2.6.35.3
LinuxLinux Kernel Version2.6.35.4
LinuxLinux Kernel Version2.6.35.5
LinuxLinux Kernel Version2.6.35.6
LinuxLinux Kernel Version2.6.35.7
LinuxLinux Kernel Version2.6.35.8
LinuxLinux Kernel Version2.6.35.9
LinuxLinux Kernel Version2.6.35.10
LinuxLinux Kernel Version2.6.35.11
LinuxLinux Kernel Version2.6.35.12
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.15% 0.895
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=256df2f3879efdb2e9808bdb1b54b16fbb11fa38
http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.36
Vendor Advisory
Exploit
http://www.securityfocus.com/bid/69721
https://bugzilla.redhat.com/show_bug.cgi?id=1114540
https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38
Exploit