CVE-2013-1826 Kernel: xfrm_user: return error pointer instead of NULL
Issue
Linux kernel built with XFRM
framework support is vulnerable to a NULL pointer dereference flaw. It occurs while accessing FRM state via xfrm_state_netlink
routine.
A privileged (CAP_NET_ADMIN)
user/program could use this flaw to crash systems, resulting in DoS.
Environment
-
This issue affects Red Hat Enterprise Linux (RHEL) 5 and 6.
-
This issue does not affect Red Hat Enterprise MRG 2.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.