Novell Home

CVE-2013-6431

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-6431 at MITRE

Description

The fib6_add function in net/ipv6/ip6_fib.c in the Linux kernel before 3.11.5 does not properly implement error-code encoding, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for an IPv6 SIOCADDRT ioctl call.

NVD CVSS v2 Base Score: 4.7 (AV:L/AC:M/Au:N/C:N/I:N/A:C)

Novell/SUSE information

Novell Bugzilla entry: 854173

SUSE Security Advisories:

© 2014 Novell