CVE-2014-2678

Impact:
Moderate
Public Date:
2014-03-29
Bugzilla:
1083274: CVE-2014-2678 kernel: net: rds: dereference of a NULL device in rds_iw_laddr_check()
A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system.

Find out more about CVE-2014-2678 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 4.7
Base Metrics AV:L/AC:M/Au:N/C:N/I:N/A:C
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (kernel) RHSA-2014:0926 2014-07-23
Red Hat Enterprise Linux Extended Update Support 6.4 (kernel) RHSA-2014:1101 2014-08-27
MRG Grid for RHEL 6 Server v.2 (kernel-rt) RHSA-2014:0557 2014-05-27
Red Hat Enterprise Linux 6 (kernel) RHSA-2014:0981 2014-07-29

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Affected
Red Hat Enterprise Linux 7 kernel Not affected

Last Modified
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.