Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 7 Mar 2014 13:45:10 +0100
From: Sabrina Dubroca <>
Subject: CVE Request: Linux kernel: IPv6: crash due to router advertisement

The Linux kernel is vulnerable to a crash on hosts that accept router
advertisements. An unlimited number of routes can be created from
router advertisements.

A remote attacker in the same layer 2 segment can cause a crash from
memory exhaustion by flooding router advertisements to a target

Upstream fix:

The patch is pending for stable.

Introduced by:

This commit appeared in 3.0.


Sabrina Dubroca

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.