| CVE-2014-7207 | Date: (C)2014-11-13 (M)2024-04-19 |
A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access.
CVSS Score and Metrics +CVSS Score and Metrics -| CVSS V2 Severity: |
| CVSS Score : 4.9 |
| Exploit Score: 3.9 |
| Impact Score: 6.9 |
| |
| CVSS V2 Metrics: |
| Access Vector: LOCAL |
| Access Complexity: LOW |
| Authentication: NONE |
| Confidentiality: COMPLETE |
| Integrity: NONE |
| Availability: NONE |
| | |
