Wind River Support Network

HomeDefectsSCP6-577

Fixed

SCP6-577 : Security Advisory - linux - CVE-2014-9715

Created: May 31, 2015 Updated: Dec 3, 2018

Resolved Date: Mar 17, 2016

Previous ID: LIN5-20479

Found In Version: 6.0.0.20

Fix Version: 6.0.0.29

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Kernel

Description

include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that triggers extension loading, as demonstrated by configuring a PPTP tunnel in a NAT environment.<a href=http://cwe.mitre.org/data/definitions/476.html>CWE-476: NULL Pointer Dereference</a>

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9715

Other Downloads

Wind River Linux SCP 6.0.0.30
Wind River Linux SCP 6.0.0.31
Wind River Linux SCP 6.0.0.32
Wind River Linux SCP 6.0.0.33
Wind River Linux SCP 6.0.0.34
Wind River Linux SCP 6.0.0.35
Wind River Linux SCP 6.0.0.36
Wind River Linux SCP 6.0.0.37
Wind River Linux SCP 6.0.0.38