1. Home
  2. Vulnerabilities
  3. CVE-2014-2309

CVE-2014-2309

CVSS v2.0 6.1 (Medium)
61% Progress
EPSS 1.53 % (87th)
1.53% Progress
Affected Products 3
Advisories 54
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2014-03-11 13:01:10
(10 years ago)
Updated Date
2020-08-27 17:04:43
(4 years ago)

Affected Products

Linux

Opensuse

Suse

Configuration #1

    CPE23 From Up To
  Linux Kernel 3.13.6 and prior versions cpe:2.3:o:linux:linux_kernel <= 3.13.6

Configuration #2

    CPE23 From Up To
  Opensuse 11.4 cpe:2.3:o:opensuse:opensuse:11.4
  Suse Linux Enterprise Server 11 cpe:2.3:o:suse:linux_enterprise_server:11:-
  Suse Linux Enterprise Server 11 SP2 cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss