Linux kernel built with the networking suppport(CONFIG_NET) is vulnerable to a NULL pointer dereference flaw. It could occur while processing packets over VxLAN interface of a virtual network. An unprivileged user/process could use this flaw to crash the system kernel resulting in DoS. Upstream fix: ------------- -> https://git.kernel.org/linus/256df2f3879efdb2e9808bdb1b54b16fbb11fa38
Statement: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 7 and Red Hat Enterprise MRG 2. This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6. Future kernel updates for Red Hat Enterprise Linux 6 may address this issue.
IssueDescription: A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an interface.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2014:1167 https://rhn.redhat.com/errata/RHSA-2014-1167.html
This issue has been addressed in following products: RHEV-H and Agents for RHEL-6 Via RHSA-2014:1168 https://rhn.redhat.com/errata/RHSA-2014-1168.html