Linux kernel built with the IPv6 protocol(CONFIG_IPv6) along with the IPv6 source address based routing support(CONFIG_IPV6_SUBTREE) is vulnerable to a NULL pointer dereference flaw. It could occur while doing an ioctl(SIOCADDRT) call on an IPv6 socket. User would need to have CAP_NET_ADMIN privileges to perform such a call. A user/program with CAP_NET_ADMIN privileges could use this flaw to crash a system resulting in DoS. Upstream fix: ------------- -> https://git.kernel.org/linus/ae7b4e1f213aa659aedf9c6ecad0bf5f0476e1e2
Statement: This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.
This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2014:0100 https://rhn.redhat.com/errata/RHSA-2014-0100.html