CVE-2013-1826 Kernel: xfrm_user: return error pointer instead of NULL
Issue
Linux kernel built with XFRM framework support is vulnerable to a NULL pointer dereference flaw. It occurs while accessing FRM state via xfrm_state_netlink routine.
A privileged (CAP_NET_ADMIN) user/program could use this flaw to crash systems, resulting in DoS.
Environment
-
This issue affects Red Hat Enterprise Linux (RHEL) 5 and 6.
-
This issue does not affect Red Hat Enterprise MRG 2.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
