The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | kernel | 2013-10-16 20:53 | ALAS-2013-233 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 4.9 | AV:L/AC:L/Au:N/C:N/I:N/A:C |
NVD | CVSSv2 | 4.7 | AV:L/AC:M/Au:N/C:N/I:N/A:C |