fkie_cve-2014-7207
Vulnerability from fkie_nvd
Published
2014-11-10 11:55
Modified
2025-04-12 10:46
Severity ?
Summary
A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3220B70-917F-4F9F-8A3B-2BF581281E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*",
"matchCriteriaId": "7D47A395-821D-4BFF-996E-E849D9A40217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "99372D07-C06A-41FA-9843-6D57F99AB5AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2B9DC110-D260-4DB4-B8B0-EF1D160ADA07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6192FE84-4D53-40D4-AF61-78CE7136141A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*",
"matchCriteriaId": "42FEF3CF-1302-45EB-89CC-3786FE4BAC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*",
"matchCriteriaId": "AE6A6B58-2C89-4DE4-BA57-78100818095C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*",
"matchCriteriaId": "1D467F87-2F13-4D26-9A93-E0BA526FEA24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE348F7B-02DE-47D5-8011-F83DA9426021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*",
"matchCriteriaId": "8A603291-33B4-4195-B52D-D2A9938089C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E91594EA-F0A3-41B3-A9C6-F7864FC2F229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9E1ECCDB-0208-48F6-B44F-16CC0ECE3503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA8B5DE-372E-47E0-A0F6-BE286D509CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1CA083-2CF8-45AE-9E15-1AA3A8352E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "19D69A49-5290-4C5F-8157-719AD58D253D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "290BD969-42E7-47B0-B21B-06DE4865432C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "23A9E29E-DE78-4C73-9FBD-C2410F5FC8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "018434C9-E75F-45CB-A169-DAB4B1D864D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0AC68F-EC58-4C4F-8CBC-A59ECC00CCDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C123C844-F6D7-471E-A62E-F756042FB1CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A11C38BB-7FA2-49B0-AAC9-83DB387A06DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "61F3733C-E5F6-4855-B471-DF3FB823613B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1DDCA75F-9A06-4457-9A45-38A38E7F7086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7AEA837E-7864-4003-8DB7-111ED710A7E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FE471F-2D1F-4A1D-A197-7E46B75787E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA9E6AB-58DC-4EC5-A25C-11F9D0B38BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6B8DB3-B05B-41A2-B091-342D66AAE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "958F0FF8-33EF-4A71-A0BD-572C85211DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA39F48-B02F-4C48-B304-DA9CCA055244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF841F3-48A7-41D7-9C45-A8170435A5EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EF506916-A6DC-4B1E-90E5-959492AF55F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CDAD1F-2C6A-48C0-8FAB-C2659373FA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFE4B22-C96A-43D0-B993-F51EDD9C5E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "F571CC8B-B212-4553-B463-1DB01D616E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "84E3E151-D437-48ED-A529-731EEFF88567",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E3EA3C-CCA5-4433-86E0-3D02C4757A0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AC4F7D-9FA6-4CF1-B2E9-70BF7D4D177C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE3A80D-9648-43CC-8F99-D741ED6552BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A98C03-A465-41B4-A551-A26FEC7FFD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEFEB26-F810-4998-B3FB-1503A410DC18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "B7C3A120-3118-4BAA-902D-3916B52BC0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "BB849D68-728A-4251-A8EF-86880D899416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "DC95E791-7723-43B4-B201-F0800DD4E8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.35:*:*:*:*:*:*:*",
"matchCriteriaId": "0E19EBEF-1E81-4B5B-B9FA-FBBB7A175FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.36:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB55642-480B-46BC-BEA4-509287AA6FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.37:*:*:*:*:*:*:*",
"matchCriteriaId": "FBFDF03D-79F0-43CD-9B4B-35202D6FCA06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.38:*:*:*:*:*:*:*",
"matchCriteriaId": "EB44B030-5A02-42A1-9913-5D4E01A2F1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.39:*:*:*:*:*:*:*",
"matchCriteriaId": "A1881D93-8E12-49BE-B685-956C3472F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2C30CC-FAE9-4CE9-B0C4-0910B51F3C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "D35B09BB-6027-463D-8A9B-4EEE92921FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.42:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2E2C3B-B2BC-4B33-A317-6CC25DCDA26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.43:*:*:*:*:*:*:*",
"matchCriteriaId": "9B654B47-FDC4-4822-A535-4F93023DF9DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.44:*:*:*:*:*:*:*",
"matchCriteriaId": "BA4FBF31-5002-4A1C-8139-29681A246B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.45:*:*:*:*:*:*:*",
"matchCriteriaId": "8E767A54-CDEB-4E0B-B275-DC8267239568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.46:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B33C2C-BDEB-4DFC-A7A6-92BB3C76B049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.47:*:*:*:*:*:*:*",
"matchCriteriaId": "8F6023DD-BAD8-4C40-A929-516BBC288455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.48:*:*:*:*:*:*:*",
"matchCriteriaId": "3293248C-90AB-4D5A-8A05-2DFAD2E6816B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.49:*:*:*:*:*:*:*",
"matchCriteriaId": "48AD42D2-A646-47FC-888C-76F2E7CF536D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB84CB9-69B7-4CBE-8A20-9B4ACF38AA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.51:*:*:*:*:*:*:*",
"matchCriteriaId": "5BD5DA43-B954-4440-940F-7503383D5D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.52:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9F0D08-5D4A-4B18-86F6-8FB7DC620FE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.53:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2B2C3B-037E-421E-AF5E-27F433F1096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.54:*:*:*:*:*:*:*",
"matchCriteriaId": "499D2751-F16F-4B18-96A1-F8D734A52347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.55:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDB0C10-FB88-4E2F-AAD4-2619A0BE3070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.56:*:*:*:*:*:*:*",
"matchCriteriaId": "279AB216-B876-4D98-9AB3-CF9A0EAA2F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.57:*:*:*:*:*:*:*",
"matchCriteriaId": "355E7FF4-6742-4342-B0E6-0A42BFF71CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.58:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6CDBBE-4D05-4584-8884-6685B1F42C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.59:*:*:*:*:*:*:*",
"matchCriteriaId": "E752E5AA-E1AC-47C0-897B-0ADB8B5CAFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.60:*:*:*:*:*:*:*",
"matchCriteriaId": "A0130846-B04A-4FB3-B962-7D7FA8A93803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.61:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3A436B-07EB-4442-A947-5A26029F9A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.62:*:*:*:*:*:*:*",
"matchCriteriaId": "5E854209-BBC9-425D-AE89-D86D45E49FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.63:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DE2CA7-95DD-4049-8F97-0FE0C949BDCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C7871395-6B03-4E72-A355-47B9BDEA05F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access."
},
{
"lang": "es",
"value": "Cierto parche de Debian a la implementaci\u00f3n IPv6 en el kernel de Linux 3.2.x hasta 3.2.63 no valida debidamente los argumentos en llamadas a la funci\u00f3n ipv6_select_ident, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda del sistema) mediante el aprovechamiento del acceso al dispositivo (1) tun o (2) macvtap."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
"id": "CVE-2014-7207",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-10T11:55:08.080",
"references": [
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2014/dsa-3060"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2014/11/02/1"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/70867"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/USN-2417-1"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/USN-2418-1"
},
{
"source": "security@debian.org",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/11/02/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2417-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2418-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766195"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…