Linux Kernel IPv6 router advertisement Packet Processing Denial of Service Vulnerability

Release date:
Updated on:

Affected Systems:
Linux kernel 3.13.x
Linux kernel 3.10.x
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2014-2309

Linux Kernel is the Kernel of the Linux operating system.

Linux Kernel 3.10.33, 3.12.13, 3.13.6 has an error when creating a router advertisement route, which can be exploited to consume available memory resources maliciously, resulting in DOS. For successful exploitation, you must use the CONFIG_IPv6 protocol to support and enable the IPv6 temporary address.

<* Source: vendor

Link: http://secunia.com/advisories/57250/
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.kernel.org/
Https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit? Id = c88507fbad8055297c1d1e21e599f46960cbee39

Linux Kernel: click here
Linux Kernel: click here

The Linux kernel replaces iptables with nftables

Linux 3.12 code Suicidal Squirrel

How to install Linux 3.11 Kernel on Ubuntu

The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5

Linux Kernel 3.4.62 LTS is now available for download

How to install Linux kernel 13.10 On Ubuntu 3.12