Red Hat Bugzilla – Bug 1074471
CVE-2014-2309 Kernel: net: IPv6: crash due to router advertisement flooding
Last modified: 2015-10-15 14:16:43 EDT
Linux kernel built with the IPv6 protocol support(CONFIG_IPv6) is vulnerable
to a kernel crash caused by a flood of IPv6 router advertisement(RA) packets.
It occurs while processing the IPv6 router advertisement packets.
A remote attacker in the same layer 2 segment can use this flaw to crash the
kernel on a target system, resulting in DoS.
Introduced in patch:
This issue does not affect the versions of Linux kernel as shipped with
Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1075064]
kernel-3.13.7-200.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.13.7-100.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products:
MRG for RHEL-6 v.2
Via RHSA-2014:0439 https://rhn.redhat.com/errata/RHSA-2014-0439.html