CVE-2014-9715
kernel: netfilter connection tracking extensions denial of service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that triggers extension loading, as demonstrated by configuring a PPTP tunnel in a NAT environment.
include/net/netfilter/nf_conntrack_extend.h en el subsistema netfilter en el kernel de Linux anterior a 3.14.5 utiliza un tipo de datos insuficientemente grande para ciertos datos de extensión, lo que permite a usuarios locales causar una denegación de servicio (referencia a puntero nulo y OOPS) a través de trafico de red saliente que provoca la carga de extensiones, tal y como fue demostrado mediante la configuración de un túnel PPTP en un entorno NAT.
An integer overflow flaw was found in the way the Linux kernel's netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially crafted packets that would initiate the loading of a large number of extensions, causing the targeted system in that network to crash.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-04-08 CVE Reserved
- 2015-04-27 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-841: Improper Enforcement of Behavioral Workflow
CAPEC
References (13)
URL | Tag | Source |
---|---|---|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=223b02d923ecd7c84cf9780bb3686f455d279279 | X_refsource_confirm | |
http://marc.info/?l=netfilter-devel&m=140112364215200&w=2 | Mailing List | |
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.5 | X_refsource_confirm | |
http://www.openwall.com/lists/oss-security/2015/04/08/1 | Mailing List | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | X_refsource_confirm | |
http://www.securityfocus.com/bid/73953 | Vdb Entry | |
http://www.securitytracker.com/id/1032415 | Vdb Entry | |
https://github.com/torvalds/linux/commit/223b02d923ecd7c84cf9780bb3686f455d279279 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2015-1534.html | 2023-11-07 | |
http://rhn.redhat.com/errata/RHSA-2015-1564.html | 2023-11-07 | |
http://www.debian.org/security/2015/dsa-3237 | 2023-11-07 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1208684 | 2015-08-05 | |
https://access.redhat.com/security/cve/CVE-2014-9715 | 2015-08-05 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 3.14.4 Search vendor "Linux" for product "Linux Kernel" and version " <= 3.14.4" | - |
Affected
|