Red Hat Bugzilla – Bug 919164
CVE-2013-1827 Kernel: dccp: check ccid before NULL poiter dereference
Last modified: 2015-07-31 02:59:55 EDT
Linux kernels built with Datagram Congestion Control Protocol(DCCP),
are vulnerable to a NULL pointer dereference flaw. This occurs while accessing socket options of dccp_sock objects via ccid_hc_rx_getsockopt & ccid_hc_tx_getsockopt routines.
A user/program could use this flaw to crash the kernel, resulting in DoS.
This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.
This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6.
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:0744 https://rhn.redhat.com/errata/RHSA-2013-0744.html