CVE-2013-1826 Kernel: xfrm_user: return error pointer instead of NULL

Solution Unverified - Updated -

Issue

Linux kernel built with XFRM framework support is vulnerable to a NULL pointer dereference flaw. It occurs while accessing FRM state via xfrm_state_netlink routine.

A privileged (CAP_NET_ADMIN) user/program could use this flaw to crash systems, resulting in DoS.

Environment

  • This issue affects Red Hat Enterprise Linux (RHEL) 5 and 6.

  • This issue does not affect Red Hat Enterprise MRG 2.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.